| Release date: |
2011-12-08 |
| Description: |
Perl CGI.pm is prone to an unspecified security vulnerability related to the handling of newlines embedded in header values.
Very few details are available regarding this issue. We will update this BID as more information emerges. |
| Impact: |
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.
|
| Solution: |
Updates are available. Please see the references for more information.
NOTE: This issue was originally thought to be patched in CGI.pm 3.50; however, further testing revealed that another patch was required (3.51).
Mandriva Linux Mandrake 2010.1 x86_64
- Mandriva perl-CGI-3.510.0-0.1mdv2010.2.noarch.rpm
  http://www.mandriva.com/en/download/
- Mandriva perl-CGI-Fast-3.510.0-0.1mdv2010.2.noarch.rpm
  http://www.mandriva.com/en/download/
Mandriva Linux Mandrake 2010.0
- Mandriva perl-CGI-3.510.0-0.1mdv2010.0.noarch.rpm
  http://www.mandriva.com/en/download/
- Mandriva perl-CGI-Fast-3.510.0-0.1mdv2010.0.noarch.rpm
  http://www.mandriva.com/en/download/
Mandriva Linux Mandrake 2009.0 x86_64
- Mandriva perl-CGI-3.51-0.1mdv2009.0.noarch.rpm
  http://www.mandriva.com/en/download/
- Mandriva perl-CGI-Fast-3.51-0.1mdv2009.0.noarch.rpm
  http://www.mandriva.com/en/download/
MandrakeSoft Enterprise Server 5 x86_64
- Mandriva perl-CGI-3.51-0.1mdvmes5.1.noarch.rpm
  http://www.mandriva.com/en/download/
- Mandriva perl-CGI-Fast-3.51-0.1mdvmes5.1.noarch.rpm
  http://www.mandriva.com/en/download/
- Mandriva perl-CGI-Simple-1.1-4.1mdvmes5.1.noarch.rpm
  http://www.mandriva.com/en/download/
- Mandriva perl-CGI-Simple-1.1-4.2mdvmes5.1.noarch.rpm
  http://www.mandriva.com/en/download/
MandrakeSoft Enterprise Server 5
- Mandriva perl-CGI-3.51-0.1mdvmes5.1.noarch.rpm
  http://www.mandriva.com/en/download/
- Mandriva perl-CGI-Fast-3.51-0.1mdvmes5.1.noarch.rpm
  http://www.mandriva.com/en/download/
- Mandriva perl-CGI-Simple-1.1-4.1mdvmes5.1.noarch.rpm
  http://www.mandriva.com/en/download/
- Mandriva perl-CGI-Simple-1.1-4.2mdvmes5.1.noarch.rpm
  http://www.mandriva.com/en/download/
Mandriva Linux Mandrake 2010.0 x86_64
- Mandriva perl-CGI-3.510.0-0.1mdv2010.0.noarch.rpm
  http://www.mandriva.com/en/download/
- Mandriva perl-CGI-Fast-3.510.0-0.1mdv2010.0.noarch.rpm
  http://www.mandriva.com/en/download/
Mandriva Linux Mandrake 2010.1
- Mandriva perl-CGI-3.510.0-0.1mdv2010.2.noarch.rpm
  http://www.mandriva.com/en/download/
- Mandriva perl-CGI-Fast-3.510.0-0.1mdv2010.2.noarch.rpm
  http://www.mandriva.com/en/download/
Mandriva Linux Mandrake 2009.0
- Mandriva perl-CGI-3.51-0.1mdv2009.0.noarch.rpm
  http://www.mandriva.com/en/download/
- Mandriva perl-CGI-Fast-3.51-0.1mdv2009.0.noarch.rpm
  http://www.mandriva.com/en/download/
MandrakeSoft Corporate Server 4.0
- Mandriva perl-CGI-3.51-0.1.20060mlcs4.noarch.rpm
  http://www.mandriva.com/en/download/
- Mandriva perl-CGI-Fast-3.51-0.1.20060mlcs4.noarch.rpm
  http://www.mandriva.com/en/download/
- Mandriva perl-CGI-Simple-0.077-1.1.20060mlcs4.noarch.rpm
  http://www.mandriva.com/en/download/
- Mandriva perl-CGI-Simple-0.077-1.2.20060mlcs4.noarch.rpm
  http://www.mandriva.com/en/download/
MandrakeSoft Corporate Server 4.0 x86_64
- Mandriva perl-CGI-3.51-0.1.20060mlcs4.noarch.rpm
  http://www.mandriva.com/en/download/
- Mandriva perl-CGI-Fast-3.51-0.1.20060mlcs4.noarch.rpm
  http://www.mandriva.com/en/download/
- Mandriva perl-CGI-Simple-0.077-1.1.20060mlcs4.noarch.rpm
  http://www.mandriva.com/en/download/
- Mandriva perl-CGI-Simple-0.077-1.2.20060mlcs4.noarch.rpm
  http://www.mandriva.com/en/download/
|
| Vulnerable: |
Ubuntu Ubuntu Linux 8.04 LTS sparc
Ubuntu Ubuntu Linux 8.04 LTS powerpc
Ubuntu Ubuntu Linux 8.04 LTS lpia
Ubuntu Ubuntu Linux 8.04 LTS i386
Ubuntu Ubuntu Linux 8.04 LTS amd64
Ubuntu Ubuntu Linux 6.06 LTS sparc
Ubuntu Ubuntu Linux 6.06 LTS powerpc
Ubuntu Ubuntu Linux 6.06 LTS i386
Ubuntu Ubuntu Linux 6.06 LTS amd64
Ubuntu Ubuntu Linux 11.04 powerpc
Ubuntu Ubuntu Linux 11.04 i386
Ubuntu Ubuntu Linux 11.04 ARM
Ubuntu Ubuntu Linux 11.04 amd64
Ubuntu Ubuntu Linux 10.10 powerpc
Ubuntu Ubuntu Linux 10.10 i386
Ubuntu Ubuntu Linux 10.10 ARM
Ubuntu Ubuntu Linux 10.10 amd64
Ubuntu Ubuntu Linux 10.04 sparc
Ubuntu Ubuntu Linux 10.04 powerpc
Ubuntu Ubuntu Linux 10.04 i386
Ubuntu Ubuntu Linux 10.04 ARM
Ubuntu Ubuntu Linux 10.04 amd64
SuSE SUSE Linux Enterprise 11 SP1
SuSE SUSE Linux Enterprise 10 SP3
SuSE openSUSE 11.3
Sun Solaris 10_x86
Sun Solaris 10_sparc
S.u.S.E. openSUSE 11.2
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux Desktop version 4
Red Hat Fedora 14
Red Hat Fedora 13
Red Hat Enterprise Linux Workstation 6
Red Hat Enterprise Linux Server 6
Red Hat Enterprise Linux HPC Node 6
Red Hat Enterprise Linux Desktop 6
Red Hat Enterprise Linux Desktop 5 client
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux 5 Server
Mozilla Bugzilla 3.6.1
Mozilla Bugzilla 3.4.7
Mozilla Bugzilla 3.4.6
Mozilla Bugzilla 3.4.5
Mozilla Bugzilla 3.4.4
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.4.1
Mozilla Bugzilla 3.2.7
Mozilla Bugzilla 3.2.6
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 3.2.4
Mozilla Bugzilla 3.2.3
Mozilla Bugzilla 3.2.2
Mozilla Bugzilla 3.2.1
Mozilla Bugzilla 4.0rc1
Mozilla Bugzilla 3.6rc1
Mozilla Bugzilla 3.6.3
Mozilla Bugzilla 3.6.2
Mozilla Bugzilla 3.6
Mozilla Bugzilla 3.4.9
Mozilla Bugzilla 3.4.8
Mozilla Bugzilla 3.4 rc1
Mozilla Bugzilla 3.4
Mozilla Bugzilla 3.2rc2
Mozilla Bugzilla 3.2rc1
Mozilla Bugzilla 3.2.9
Mozilla Bugzilla 3.2.8
Mozilla Bugzilla 3.2
Mandriva Linux Mandrake 2010.1 x86_64
Mandriva Linux Mandrake 2010.1
Mandriva Linux Mandrake 2010.0 x86_64
Mandriva Linux Mandrake 2010.0
Mandriva Linux Mandrake 2009.0 x86_64
Mandriva Linux Mandrake 2009.0
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 4.0
Lincoln D. Stein CGI.pm 3.50
Lincoln D. Stein CGI.pm 3.49
Gentoo Linux
|
| References: |
CPAN Homepage (Lincoln D. Stein)
CVE-2010-2761, CVE-2010-4411 Vulnerabilities in CGI.pm Perl Module in Solaris 10 (Oracle)
Perl Home Page (Perl)
Update CGI.pm to CPAN version 3.50 (Chris 'BinGOs' Williams)
Bugzilla Security Advisory (Bugzilla)
|