You are here
Home > Preporuke > Sigurnosni nedostatak programske biblioteke libapache2-mod-perl2

Sigurnosni nedostatak programske biblioteke libapache2-mod-perl2

by - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-3825-2
November 22, 2018

libapache2-mod-perl2 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 12.04 ESM

Summary:

mod_perl could be made to run programs contrary to expectations.

Software Description:
– libapache2-mod-perl2: Integration of perl with the Apache2 web server

Details:

USN-3825-1 fixed a vulnerability in mod_perl. This update provides
the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

 Jan Ingvoldstad discovered that mod_perl incorrectly handled
 configuration options to disable being used by unprivileged users,
 contrary to the documentation. A local attacker could possibly use
 this issue to execute arbitrary Perl code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
  libapache2-mod-perl2            2.0.5-5ubuntu1.1

In general, a standard system update will make all the necessary
changes.

References:
  https://usn.ubuntu.com/usn/usn-3825-2
  https://usn.ubuntu.com/usn/usn-3825-1
  CVE-2011-2767—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAABCAAGBQJb9qqPAAoJEEW851uECx9p9WkQALiq2Vxhl9v9vZELmpx05s7p
TiuyxQH3OMT47mzLarKxa9ZurFgp7QtM5fH0S/hK7OC1lxXbVuPHKmkPiX8XjFwh
E9o3rtqq0f6+gE3nS+YopJ4yOjdbwfhmB25FFS3FWtTpr83GVRr2WXN+i0C/JKWJ
TxI9ke7KAjiH7pAqxfdFTrV6e+LDd8CV9kyIsmQIEik2zk7VbCZjwE68LsxjDfT5
arozd378Ne9xR1FLRPoLTQ+ELHMysp8blmV6FML59eN8Pw9xUO3J8lOIx+zNqZsQ
A8JQCiBIe+o0lKY5x/VpTYam3VsizhEfDkbdPvhsZSQjdbRsyQHw9gCd4z0zQiUx
pQ1Uhb5VmbdZfgGlsqXQo3j91X1vYPzJ1cXKPgCJfrG0hblMSd3pwaTPtX3mTT/D
PIxsLVNa0//mqBP0aAkXzQpV45O0OLBX/oXoN4tNWU3wUb7eMQc3e/+w66aiutg/
Bf8VpMY7QtYtEWXoYYDXRq856CR3tTaFsfFMdobnOLKsk8vZ7o3IL49ZrJLB2Eqs
/luLXXrrS1qPY4VZLb8vuaEoysE67LIcdXkX2gxEYVA+5w5Cu6VFzHqcqSB6F8TM
wPkeBwgBT7Lep5VDJxI2nB49XE7FDiMOgFeNj1+FSRhYWDlFFw71/G0NOy+4c3X7
ZOd6NiAYjhomlzkeYnjS
=7ZWt
—–END PGP SIGNATURE—–

AutorZvonimir Bosnjak
Cert idNCERT-REF-2018-11-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostatak programske biblioteke libconfuse

Otkriven je sigurnosni nedostatak programske biblioteke libconfuse za operacijski sustav Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje izazivanje DoS stanja. Savjetuje...

Close