Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Titlelibyaml-libyaml-perl security update
Informations
NameDSA-2432First vendor Publication2012-03-12
VendorDebianLast vendor Modification2012-03-12
Severity (Vendor) N/ARevision1

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score5Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Dominic Hargreaves and Niko Tyni discovered two format string vulnerabilities in YAML::LibYAML, a Perl interface to the libyaml library.

For the stable distribution (squeeze), this problem has been fixed in version 0.33-1+squeeze1.

For the unstable distribution (sid), this problem has been fixed in version 0.38-2.

We recommend that you upgrade your libyaml-libyaml-perl packages.

Original Source

Url : http://www.debian.org/security/2012/dsa-2432

CWE : Common Weakness Enumeration

idName
CWE-134Uncontrolled Format String (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:15295
 
Oval ID: oval:org.mitre.oval:def:15295
Title: DSA-2432-1 libyaml-libyaml-perl -- format string vulnerabilities
Description: Dominic Hargreaves and Niko Tyni discovered two format string vulnerabilities in YAML::LibYAML, a Perl interface to the libyaml library.
Family: unix Class: patch
Reference(s): DSA-2432-1
CVE-2012-1152
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): libyaml-libyaml-perl
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1

OpenVAS Exploits

DateDescription
2012-08-30Name : Fedora Update for perl-YAML-LibYAML FEDORA-2012-4871
File : nvt/gb_fedora_2012_4871_perl-YAML-LibYAML_fc17.nasl
2012-04-30Name : Debian Security Advisory DSA 2432-1 (libyaml-libyaml-perl)
File : nvt/deb_2432_1.nasl
2012-04-11Name : Fedora Update for perl-YAML-LibYAML FEDORA-2012-4997
File : nvt/gb_fedora_2012_4997_perl-YAML-LibYAML_fc15.nasl
2012-04-11Name : Fedora Update for perl-YAML-LibYAML FEDORA-2012-5035
File : nvt/gb_fedora_2012_5035_perl-YAML-LibYAML_fc16.nasl

Nessus® Vulnerability Scanner

DateDescription
2014-06-13Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-521.nasl - Type : ACT_GATHER_INFO
2013-09-04Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2012-69.nasl - Type : ACT_GATHER_INFO
2012-04-12Name : The remote Fedora host is missing a security update.
File : fedora_2012-4871.nasl - Type : ACT_GATHER_INFO
2012-04-09Name : The remote Fedora host is missing a security update.
File : fedora_2012-4997.nasl - Type : ACT_GATHER_INFO
2012-04-09Name : The remote Fedora host is missing a security update.
File : fedora_2012-5035.nasl - Type : ACT_GATHER_INFO
2012-03-13Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2432.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
DateInformations
2014-02-17 11:30:56
  • Multiple Updates