|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200504-26] Convert-UUlib: Buffer overflow Vulnerability Scan
Vulnerability Scan Summary Convert-UUlib: Buffer overflow
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200504-26
(Convert-UUlib: Buffer overflow)
A vulnerability has been reported in Convert-UUlib where a
malformed parameter can be provided by a possible hacker allowing a read
operation to overflow a buffer. The vendor credits Mark Martinec and
Robert Lewis with the discovery.
Impact
Successful exploitation would permit a possible hacker to run arbitrary
code with the rights of the user running the Perl application.
Workaround
There is no known workaround at this time.
Solution:
All Convert-UUlib users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-perl/Convert-UUlib-1.051"
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|