Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2003:257
HistorySep 22, 2003 - 12:00 a.m.

(RHSA-2003:257) perl security update

2003-09-2200:00:00
access.redhat.com
31

EPSS

0.011

Percentile

84.5%

JSON

Perl is a high-level programming language commonly used for system
administration utilities and Web programming.

Two security issues have been found in Perl that affect the Perl packages
shipped with Red Hat Enterprise Linux:

When safe.pm versions 2.0.7 and earlier are used with Perl 5.8.0 and
earlier, it is possible for an attacker to break out of safe compartments
within Safe::reval and Safe::rdo by using a redefined @_ variable. This is
due to the fact that the redefined @_ variable is not reset between
successive calls. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2002-1323 to this issue.

A cross-site scripting vulnerability was discovered in the start_form()
function of CGI.pm. The vulnerability allows a remote attacker to insert a
Web script via a URL fed into the form’s action parameter. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2003-0615 to this issue.

Users of Perl are advised to upgrade to these erratum packages, which
contain Perl 5.6.1 with backported security patches correcting these issues.

OSVersionArchitecturePackageVersionFilename
RedHatanyia64perl< 5.6.1-36.1.99entperl-5.6.1-36.1.99ent.ia64.rpm
RedHatanyi386perl-cgi< 2.752-36.1.99entperl-CGI-2.752-36.1.99ent.i386.rpm
RedHatanyi386perl-ndbm_file< 1.75-36.1.99entperl-NDBM_File-1.75-36.1.99ent.i386.rpm
RedHatanyi386perl-db_file< 1.75-36.1.99entperl-DB_File-1.75-36.1.99ent.i386.rpm
RedHatanyi386perl-suidperl< 5.6.1-36.1.99entperl-suidperl-5.6.1-36.1.99ent.i386.rpm
RedHatanyia64perl-ndbm_file< 1.75-36.1.99entperl-NDBM_File-1.75-36.1.99ent.ia64.rpm
RedHatanyia64perl-db_file< 1.75-36.1.99entperl-DB_File-1.75-36.1.99ent.ia64.rpm
RedHatanyia64perl-cpan< 1.59_54-36.1.99entperl-CPAN-1.59_54-36.1.99ent.ia64.rpm
RedHatanyia64perl-suidperl< 5.6.1-36.1.99entperl-suidperl-5.6.1-36.1.99ent.ia64.rpm
RedHatanyia64perl-cgi< 2.752-36.1.99entperl-CGI-2.752-36.1.99ent.ia64.rpm
Rows per page:
1-10 of 121

Related

nessus 4
openvas 16
cvelist 2
nvd 2
osv 2
debiancve 2
cve 2
cert 1
debian 3
securityvulns 1
nessus
nessus
RHEL 2.1 : perl (RHSA-2003:257)
2004-07-06 00:00:00
Debian DSA-208-1 : perl - broken safe compartment
2004-09-29 00:00:00
Debian DSA-371-1 : perl - XSS
2004-09-29 00:00:00
openvas
openvas
Solaris Update for Perl 119449-01
2009-06-03 00:00:00
Solaris Update for Perl 119449-01
2009-06-03 00:00:00
Debian Security Advisory DSA 371-1 (perl)
2008-01-17 00:00:00
cvelist
cvelist
CVE-2003-0615
2003-08-01 04:00:00
CVE-2002-1323
2004-09-01 04:00:00
nvd
nvd
CVE-2003-0615
2003-08-27 04:00:00
CVE-2002-1323
2002-12-11 05:00:00
osv
osv
perl - cross-site scripting
2003-08-11 00:00:00
perl - broken safe compartment
2002-12-12 00:00:00
debiancve
debiancve
CVE-2003-0615
2003-08-27 04:00:00
CVE-2002-1323
2004-09-01 04:00:00
cve
cve
CVE-2003-0615
2003-08-27 04:00:00
CVE-2002-1323
2004-09-01 04:00:00
cert
cert
CGI.pm vulnerable to Cross-site Scripting
2003-10-07 00:00:00
debian
debian
[SECURITY] [DSA 208-1] New Perl packages correct Safe handling
2002-12-12 14:46:52
[SECURITY] [DSA-371-1] New perl packages fix cross-site scripting
2003-08-12 03:32:18
[SECURITY] [DSA 208-1] New Perl packages correct Safe handling
2002-12-12 14:46:52
securityvulns
securityvulns
[SECURITY] [DSA 208-1] New Perl packages correct Safe handling
2002-12-14 00:00:00

EPSS

0.011

Percentile

84.5%

JSON
Related for RHSA-2003:257
nessus4openvas16cvelist2nvd2osv2debiancve2cve2cert1debian3securityvulns1