Ubuntu USN-794-1 (perl) Network Vulnerability

Summary

The remote host is missing an update to perl announced via advisory USN-794-1.

Solution

The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: libcompress-raw-zlib-perl 2.008-1ubuntu0.1 Ubuntu 8.10: libcompress-raw-zlib-perl 2.011-2ubuntu0.1 perl 5.10.0-11.1ubuntu2.3 Ubuntu 9.04: libcompress-raw-zlib-perl 2.015-1ubuntu0.1 perl 5.10.0-19ubuntu1.1 In general, a standard system upgrade is sufficient to effect the necessary changes. https://secure1.securityspace.com/smysecure/catid.html?in=USN-794-1

Insight

It was discovered that the Compress::Raw::Zlib Perl module incorrectly handled certain zlib compressed streams. If a user or automated system were tricked into processing a specially crafted compressed stream or file, a remote attacker could crash the application, leading to a denial of service.

Severity

Classification

CVE CVE-2009-1391
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Ubuntu Update for cinder USN-1731-1
Ubuntu Update for curl USN-2399-1
Ubuntu Update for apache2 USN-2152-1
Ubuntu Update for avahi vulnerability USN-402-1
Ubuntu Update for backuppc USN-1444-1

Take action and discover your vulnerabilities