Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3597

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2011-3597
Last Modified 05 Dec 2013 12:04:48
Published 13 Jan 2012 01:55:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-3597

Summary

Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor.

Vulnerable Systems

Application

  • Gisle Aas Digest 1.00

  • Gisle Aas Digest 1.01

  • Gisle Aas Digest 1.02

  • Gisle Aas Digest 1.03

  • Gisle Aas Digest 1.04

  • Gisle Aas Digest 1.05

  • Gisle Aas Digest 1.06

  • Gisle Aas Digest 1.07

  • Gisle Aas Digest 1.08

  • Gisle Aas Digest 1.09

  • Gisle Aas Digest 1.10

  • Gisle Aas Digest 1.11

  • Gisle Aas Digest 1.12

  • Gisle Aas Digest 1.13

  • Gisle Aas Digest 1.14

  • Gisle Aas Digest 1.15

  • Gisle Aas Digest 1.16


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=743010

BID - 49911

REDHAT - RHSA-2011:1797

REDHAT - RHSA-2011:1424

SECUNIA - 46279

CONFIRM - http://cpansearch.perl.org/src/GAAS/Digest-1.17/Changes

CONFIRM - http://aix.software.ibm.com/aix/efixes/security/perl_advisory2.asc

MANDRIVA - MDVSA-2012:009

MANDRIVA - MDVSA-2012:008

UBUNTU - USN-1643-1

SECUNIA - 51457

Related Patches

Red Hat 2011:1797-01 RHSA Moderate: perl security update for RHEL 4 x86

Red Hat 2011:1797-01 RHSA Moderate: perl security update for RHEL 5 x86

Red Hat 2011:1797-01 RHSA Moderate: perl security update for RHEL 5 x86_64

Red Hat 2011:1797-01 RHSA Moderate: perl security update for RHEL 4 x86_64


Last Updated: 27 May 2016 10:57:20