FreeBSD Ports: Eperl Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory.

Solution

Update your system with the appropriate patches or software upgrades. http://www.shmoo.com/mail/bugtraq/jun01/msg00286.shtml http://xforce.iss.net/xforce/xfdb/6743 http://osvdb.org/show/osvdb/1880 http://www.vuxml.org/freebsd/73efb1b7-07ec-11e2-a391-000c29033c32.html

Insight

The following package is affected: eperl CVE-2001-0733 The #sinclude directive in Embedded Perl (ePerl) 2.2.14 and earlier allows a remote attacker to execute arbitrary code by modifying the 'sinclude' file to point to another file that contains a #include directive that references a file that contains the code.

Severity

Classification

CVE CVE-2001-0733

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

FreeBSD Ports: apache
FreeBSD Ports: chromium
FreeBSD Ports: apache+mod_ssl
FreeBSD Ports: bogofilter
FreeBSD Ports: codeigniter

FreeBSD Ports: eperl

Take action and discover your vulnerabilities