Mandrake Linux Security Advisory : pcre (MDKSA-2007:212)

This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.


Synopsis :

The remote Mandrake Linux host is missing one or more security
updates.

Description :

Multiple vulnerabilities were discovered by Tavis Ormandy and Will
Drewry in the way that pcre handled certain malformed regular
expressions. If an application linked against pcre, such as Konqueror,
parses a malicious regular expression, it could lead to the execution
of arbitrary code as the user running the application.

Updated packages have been patched to prevent this issue.
Additionally, Corporate Server 4.0 was updated to pcre version 6.7
which corrected CVE-2006-7225, CVE-2006-7226, CVE-2006-7227,
CVE-2006-7228, and CVE-2006-7230.

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: Mandriva Local Security Checks

Nessus Plugin ID: 27849 (mandrake_MDKSA-2007-212.nasl)

Bugtraq ID:

CVE ID: CVE-2006-7225
CVE-2006-7226
CVE-2006-7227
CVE-2006-7228
CVE-2006-7230
CVE-2007-1659
CVE-2007-1660
CVE-2007-4766
CVE-2007-4767
CVE-2007-4768

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now