Executive Summary

Summary
Titlelibyaml-libyaml-perl security update
Informations
NameDSA-2432First vendor Publication2012-03-12
VendorDebianLast vendor Modification2012-03-12
Severity (Vendor) N/ARevision1

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score5Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Dominic Hargreaves and Niko Tyni discovered two format string vulnerabilities in YAML::LibYAML, a Perl interface to the libyaml library.

For the stable distribution (squeeze), this problem has been fixed in version 0.33-1+squeeze1.

For the unstable distribution (sid), this problem has been fixed in version 0.38-2.

We recommend that you upgrade your libyaml-libyaml-perl packages.

Original Source

Url : http://www.debian.org/security/2012/dsa-2432

CWE : Common Weakness Enumeration

idName
CWE-134Uncontrolled Format String

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1

OpenVAS Exploits

DateDescription
2012-08-30Name : Fedora Update for perl-YAML-LibYAML FEDORA-2012-4871
File : nvt/gb_fedora_2012_4871_perl-YAML-LibYAML_fc17.nasl
2012-04-30Name : Debian Security Advisory DSA 2432-1 (libyaml-libyaml-perl)
File : nvt/deb_2432_1.nasl
2012-04-11Name : Fedora Update for perl-YAML-LibYAML FEDORA-2012-4997
File : nvt/gb_fedora_2012_4997_perl-YAML-LibYAML_fc15.nasl
2012-04-11Name : Fedora Update for perl-YAML-LibYAML FEDORA-2012-5035
File : nvt/gb_fedora_2012_5035_perl-YAML-LibYAML_fc16.nasl

Nessus® Vulnerability Scanner

DateDescription
2013-09-04Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2012-69.nasl - Type : ACT_GATHER_INFO
2012-04-12Name : The remote Fedora host is missing a security update.
File : fedora_2012-4871.nasl - Type : ACT_GATHER_INFO
2012-04-09Name : The remote Fedora host is missing a security update.
File : fedora_2012-4997.nasl - Type : ACT_GATHER_INFO
2012-04-09Name : The remote Fedora host is missing a security update.
File : fedora_2012-5035.nasl - Type : ACT_GATHER_INFO
2012-03-13Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2432.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
DateInformations
2014-02-17 11:30:56
  • Multiple Updates