Summary
The remote host is missing an update to perl
announced via advisory DSA 1556-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201556-1
Insight
It has been discovered that the Perl interpreter may encounter a buffer overflow condition when compiling certain regular expressions containing Unicode characters. This also happens if the offending characters are contained in a variable reference protected by the \Q...\E quoting construct. When encountering this condition, the Perl interpreter typically crashes, but arbitrary code execution cannot be ruled out.
For the stable distribution (etch), this problem has been fixed in version 5.8.8-7etch2.
The unstable distribution (sid) will be fixed soon.
We recommend that you upgrade your perl packages.
Severity
Classification
-
CVE CVE-2008-1927 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities