Oracle Solaris Third-Party Patch Update : perl (cve_2014_4330_buffer_errors)
Low Nessus Plugin ID 80735
SynopsisThe remote Solaris system is missing a security patch for third-party software.
DescriptionThe remote Solaris system is missing necessary patches to address security updates :
- The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service (stack consumption and crash) via an Array-Reference with many nested Array-References, which triggers a large number of recursive calls to the DD_dump function.
SolutionUpgrade to Solaris 184.108.40.206.0.