Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:31187
HistoryOct 14, 2014 - 12:00 a.m.

[ MDVSA-2014:192 ] perl-Email-Address

2014-10-1400:00:00
vulners.com
27
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mandriva Linux Security Advisory MDVSA-2014:192
http://www.mandriva.com/en/support/security/

Package : perl-Email-Address
Date : October 1, 2014
Affected: Business Server 1.0

Problem Description:

Updated perl-Email-Address package fixes security vulnerability:

The parse function in Email::Address module before 1.905 for Perl
uses an inefficient regular expression, which allows remote attackers
to cause a denial of service (CPU consumption) via an empty quoted
string in an RFC 2822 address (CVE-2014-0477).

The Email::Address module before 1.904 for Perl uses an inefficient
regular expression, which allows remote attackers to cause a denial
of service (CPU consumption) via vectors related to backtracking into
the phrase (CVE-2014-4720).

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0477
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4720
http://advisories.mageia.org/MGASA-2014-0389.html

Updated Packages:

Mandriva Business Server 1/X86_64:
f45326dac151e5154f2f13a6942d4f16 mbs1/x86_64/perl-Email-Address-1.895.0-2.1.mbs1.noarch.rpm
a889b50000a684108955b439e4ca02db mbs1/SRPMS/perl-Email-Address-1.895.0-2.1.mbs1.src.rpm

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/en/support/security/advisories/

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFUK/fNmqjQ0CJFipgRAtWrAJ9CmAobU9TL5x0+jFEhhDwbvIalRwCfTPn6
C57L8lqxJPqP/vkUCCzshN4=
=S0uC
-----END PGP SIGNATURE-----

Related

osv 2
nessus 5
securityvulns 1
debiancve 2
ubuntucve 2
mageia 1
cve 2
prion 2
openvas 4
debian 4
fedora 2
zdt 1
osv
osv
libemail-address-perl - security update
2014-06-27 00:00:00
libemail-address-perl - security update
2014-06-29 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : perl-Email-Address (MDVSA-2014:192)
2014-10-02 00:00:00
Debian DSA-2969-1 : libemail-address-perl - security update
2014-06-28 00:00:00
Fedora 20 : perl-Email-Address-1.905-1.fc20 (2014-7613)
2014-09-29 00:00:00
securityvulns
securityvulns
perl-Email-Address DoS
2014-10-14 00:00:00
debiancve
debiancve
CVE-2014-4720
2014-07-06 23:55:00
CVE-2014-0477
2014-07-03 17:55:00
ubuntucve
ubuntucve
CVE-2014-4720
2014-07-06 00:00:00
CVE-2014-0477
2014-07-03 00:00:00
mageia
mageia
Updated perl-Email-Address packages fix security vulnerabilities
2014-09-26 19:55:04
cve
cve
CVE-2014-4720
2014-07-06 23:55:00
CVE-2014-0477
2014-07-03 17:55:00
prion
prion
Design/Logic Flaw
2014-07-06 23:55:00
Code injection
2014-07-03 17:55:00
openvas
openvas
Fedora Update for perl-Email-Address FEDORA-2014-7610
2014-10-01 00:00:00
Debian Security Advisory DSA 2969-1 (libemail-address-perl - security update)
2014-06-27 00:00:00
Debian Security Advisory DSA 2969-1 (libemail-address-perl - security update)
2014-06-27 00:00:00
debian
debian
libemail-address-perl security update
2014-06-29 19:09:32
[SECURITY] [DSA 2969-1] libemail-address-perl security update
2014-06-27 18:27:42
libemail-address-perl security update
2014-06-29 19:09:15
fedora
fedora
[SECURITY] Fedora 20 Update: perl-Email-Address-1.905-1.fc20
2014-09-26 09:03:08
[SECURITY] Fedora 19 Update: perl-Email-Address-1.905-1.fc19
2014-09-26 09:00:57
zdt
zdt
TP-LINK WDR4300 XSS / Denial Of Service Vulnerabilities
2014-09-23 00:00:00
JSON
Related for SECURITYVULNS:DOC:31187
osv2nessus5securityvulns1debiancve2ubuntucve2mageia1cve2prion2openvas4debian4fedora2zdt1