Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: Ubuntu Local Security Checks --> Category: infos

USN70-1 : libdbi-perl vulnerabilities Vulnerability Scan


Vulnerability Scan Summary
libdbi-perl vulnerabilities

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote package "libdbi-perl" is missing a security patch.

Description :

Javier Fernández-Sanguino Peña from the Debian Security Audit Project
discovered that the module DBI::ProxyServer in Perl's DBI library
created a PID file in an insecure manner. This could allow a symbolic
link attack to create or overwrite arbitrary files with the rights
of the user invoking a program using this module (like 'dbiproxy').

Now the module does not create a such a PID file by default.

Solution :

Upgrade to :
- libdbi-perl-1.42-3ubuntu0.1 (Ubuntu 4.10)



Threat Level: High


Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.