Oracle Linux 8 : perl:5.32 (ELSA-2024-3128)
high Nessus プラグイン ID 198025
Language:
概要
リモートの Oracle Linux ホストにセキュリティ更新プログラムがありません。説明
リモートの Oracle Linux 8 ホストに、ELSA-2024-3128 のアドバイザリに記載された脆弱性の影響を受けるパッケージがインストールされています。perl-Algorithm-Diff perl-Archive-Tar perl-Archive-Zip perl-autodie perl-bignum perl-Carp perl-Compress-Bzip2 perl-Compress-Raw-Bzip2 perl-Compress-Raw-Lzma perl-Compress-Raw-Zlib [2.096-2]
- s390x の zlib での更新により破損するテストを修正します
- 関連: RHEL-16371
perl-Config-Perl-V perl-constant perl-CPAN-DistnameInfo perl-CPAN-Meta perl-CPAN-Meta-Requirements perl-CPAN-Meta-YAML perl-CPAN perl-Data-Dumper perl-Data-OptList perl-Data - セクション perl-DB_File perl-Devel-PPPort perl-Devel-Size perl-Digest-MD5 perl-Digest perl-Digest-SHA perl-Encode-Locale perl-Encode perl-Env perl-experimental perl-Exporter perl-ExtUtils-CBuilder perl-ExtUtils-Install perl-ExtUtils-MakeMaker perl-ExtUtils-Manifest perl-ExtUtils-ParseXS perl-Fedora-VSP perl-File-Fetch perl-File-HomeDir perl-File-Path perl-File-Temp perl-File-Which perl-Filter perl-Filter-Simple perl-generators perl-Getopt-Long perl-HTTP-Tiny perl-Importer perl-inc-latest perl-IO-Compress-Lzma perl-IO-Compress perl-IO-Socket-IP perl- IPC-Cmd perl-IPC-System-Simple perl-IPC-SysV perl-JSON-PP perl-libnet perl-Locale-Maketext perl-local-lib perl-Math-BigInt-FastCalc perl-Math-BigInt perl-Math-BigRat perl-MIME-Base64 perl-Module-Build perl-Module-CoreList perl-Module-Load-Conditional perl-Module-Load perl-M odule-Metadata perl-MRO-Compat perl-Object-HashBase perl-Package-Generator perl-Params-Check perl-Params-Util perl-parent perl-PathTools perl [4:5.32.1-473]
- CVE-2023-47038の修正
- perl-autouse および perl-ExtUtils-MM-Utils を perl run-requires に追加しました
perl-perlfaq perl-PerlIO-via-QuotedPrint perl-Perl-OSType perl-Pod-Checker perl-Pod-Escapes perl-podlators perl-Pod-Parser perl-Pod-Perldoc perl-Pod-Simple perl-Pod-Usage perl-Scalar-List-Utils perl-Socket perl-Software-License perl-Storable perl-Sub-Exporter perl-Sub-Install perl-Sys-Syslog perl-Term-ANSIColor perl-Term-Cap perl-Term-Table perl-Test-Harness perl-Test-Simple perl-Text-Balanced perl-Text-Diff perl-Text-Glob perl-Text-ParseWords perl-Text-Tabs+Wrap perl-Text-Template perl-Thread-Queue perl-threads perl-threads-shared perl-Time-HiRes perl-Time-Local perl-Unicode-Collate perl-Unicode-Normalize perl-URI perl-version
Tenable は、前述の記述ブロックを Oracle Linux セキュリティアドバイザリから直接抽出しています。
Nessus はこの問題をテストしておらず、代わりにアプリケーションが自己報告するバージョン番号にのみ依存していることに注意してください。
ソリューション
影響を受けるパッケージを更新してください。参考資料
プラグインの詳細
深刻度: High
ID: 198025
ファイル名: oraclelinux_ELSA-2024-3128.nasl
バージョン: 1.1
タイプ: local
エージェント: unix
公開日: 2024/5/28
更新日: 2024/5/28
サポートされているセンサー: Frictionless Assessment Agent, Nessus Agent, Nessus
リスク情報
VPR
リスクファクター: Medium
スコア: 6.7
CVSS v2
リスクファクター: Medium
基本値: 6.8
現状値: 5
ベクトル: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C
CVSS スコアのソース: CVE-2023-47038
CVSS v3
リスクファクター: High
基本値: 7.8
現状値: 6.8
ベクトル: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
現状ベクトル: CVSS:3.0/E:U/RL:O/RC:C
脆弱性情報
CPE: p-cpe:/a:oracle:linux:perl-mro-compat, p-cpe:/a:oracle:linux:perl-errno, p-cpe:/a:oracle:linux:perl-module-load-conditional, p-cpe:/a:oracle:linux:perl-open, p-cpe:/a:oracle:linux:perl-extutils-manifest, p-cpe:/a:oracle:linux:perl-threads-shared, p-cpe:/a:oracle:linux:perl-digest-sha, p-cpe:/a:oracle:linux:perl-encode-devel, p-cpe:/a:oracle:linux:perl-sys-syslog, p-cpe:/a:oracle:linux:perl-locale-maketext, p-cpe:/a:oracle:linux:perl-text-abbrev, p-cpe:/a:oracle:linux:perl-benchmark, p-cpe:/a:oracle:linux:perl-thread-semaphore, p-cpe:/a:oracle:linux:perl-debugger, p-cpe:/a:oracle:linux:perl-doc, p-cpe:/a:oracle:linux:perl-hash-util-fieldhash, p-cpe:/a:oracle:linux:perl-io-compress-lzma, p-cpe:/a:oracle:linux:perl-params-check, p-cpe:/a:oracle:linux:perl-data-dumper, p-cpe:/a:oracle:linux:perl-sub-install, p-cpe:/a:oracle:linux:perl-time-piece, p-cpe:/a:oracle:linux:perl-class-struct, p-cpe:/a:oracle:linux:perl-meta-notation, p-cpe:/a:oracle:linux:perl-sort, p-cpe:/a:oracle:linux:perl-english, p-cpe:/a:oracle:linux:perl-net, p-cpe:/a:oracle:linux:perl-next, p-cpe:/a:oracle:linux:perl-socket, p-cpe:/a:oracle:linux:perl-digest-md5, p-cpe:/a:oracle:linux:perl-devel-selfstubber, p-cpe:/a:oracle:linux:perl-extutils-command, cpe:/a:oracle:linux:8::appstream, p-cpe:/a:oracle:linux:perl-utils, p-cpe:/a:oracle:linux:perl-sigtrap, p-cpe:/a:oracle:linux:perl-pod-perldoc, p-cpe:/a:oracle:linux:perl-i18n-langtags, p-cpe:/a:oracle:linux:perl-dirhandle, p-cpe:/a:oracle:linux:perl-extutils-embed, p-cpe:/a:oracle:linux:perl-module-loaded, p-cpe:/a:oracle:linux:perl-i18n-collate, p-cpe:/a:oracle:linux:perl-pod-usage, p-cpe:/a:oracle:linux:perl-extutils-cbuilder, p-cpe:/a:oracle:linux:perl-cpan-distnameinfo, p-cpe:/a:oracle:linux:perl-version, p-cpe:/a:oracle:linux:perl-uri, p-cpe:/a:oracle:linux:perl-text-template, p-cpe:/a:oracle:linux:perl-term-readline, p-cpe:/a:oracle:linux:perl-file-copy, p-cpe:/a:oracle:linux:perl-dbm_filter, p-cpe:/a:oracle:linux:perl-io, p-cpe:/a:oracle:linux:perl-text-parsewords, p-cpe:/a:oracle:linux:perl-bignum, p-cpe:/a:oracle:linux:perl-module-build, p-cpe:/a:oracle:linux:perl-selectsaver, p-cpe:/a:oracle:linux:perl-encoding-warnings, p-cpe:/a:oracle:linux:perl-perl-ostype, p-cpe:/a:oracle:linux:perl-cpan-meta-requirements, p-cpe:/a:oracle:linux:perl-archive-tar, p-cpe:/a:oracle:linux:perl-devel-ppport, p-cpe:/a:oracle:linux:perl-ipc-system-simple, p-cpe:/a:oracle:linux:perl-lib, p-cpe:/a:oracle:linux:perl-tie, p-cpe:/a:oracle:linux:perl-base, p-cpe:/a:oracle:linux:perl-symbol, p-cpe:/a:oracle:linux:perl-blib, p-cpe:/a:oracle:linux:perl-filter-simple, p-cpe:/a:oracle:linux:perl-config-perl-v, p-cpe:/a:oracle:linux:perl-unicode-normalize, p-cpe:/a:oracle:linux:perl, p-cpe:/a:oracle:linux:perl-io-compress, p-cpe:/a:oracle:linux:perl-libs, p-cpe:/a:oracle:linux:perl-pod-checker, p-cpe:/a:oracle:linux:perl-time-hires, p-cpe:/a:oracle:linux:perl-mro, p-cpe:/a:oracle:linux:perl-net-ping, p-cpe:/a:oracle:linux:perl-storable, p-cpe:/a:oracle:linux:perl-algorithm-diff, p-cpe:/a:oracle:linux:perl-search-dict, p-cpe:/a:oracle:linux:perl-test, p-cpe:/a:oracle:linux:perl-interpreter, p-cpe:/a:oracle:linux:perl-ipc-open3, p-cpe:/a:oracle:linux:perl-unicode-collate, p-cpe:/a:oracle:linux:perl-pod-functions, p-cpe:/a:oracle:linux:perl-filecache, p-cpe:/a:oracle:linux:perl-mime-base64, p-cpe:/a:oracle:linux:perl-env, p-cpe:/a:oracle:linux:perl-ph, p-cpe:/a:oracle:linux:perl-fields, p-cpe:/a:oracle:linux:perl-extutils-makemaker, p-cpe:/a:oracle:linux:perl-dumpvalue, p-cpe:/a:oracle:linux:perl-perlfaq, p-cpe:/a:oracle:linux:perl-user-pwent, p-cpe:/a:oracle:linux:perl-compress-raw-lzma, p-cpe:/a:oracle:linux:perl-cpan, p-cpe:/a:oracle:linux:perl-encode, p-cpe:/a:oracle:linux:perl-extutils-mm-utils, p-cpe:/a:oracle:linux:perl-subs, p-cpe:/a:oracle:linux:perl-tie-refhash, p-cpe:/a:oracle:linux:perl-ndbm_file, p-cpe:/a:oracle:linux:perl-db_file, p-cpe:/a:oracle:linux:perl-file-fetch, cpe:/a:oracle:linux:8:10:appstream_base, p-cpe:/a:oracle:linux:perl-pod-parser, p-cpe:/a:oracle:linux:perl-devel-peek, p-cpe:/a:oracle:linux:perl-libnet, p-cpe:/a:oracle:linux:perl-params-util, p-cpe:/a:oracle:linux:perl-compress-bzip2, p-cpe:/a:oracle:linux:perl-if, p-cpe:/a:oracle:linux:perl-time, p-cpe:/a:oracle:linux:perl-vars, p-cpe:/a:oracle:linux:perl-object-hashbase-tools, p-cpe:/a:oracle:linux:perl-extutils-install, p-cpe:/a:oracle:linux:perl-test-harness, p-cpe:/a:oracle:linux:perl-math-bigrat, p-cpe:/a:oracle:linux:perl-pod-simple, p-cpe:/a:oracle:linux:perl-attribute-handlers, p-cpe:/a:oracle:linux:perl-config-extensions, p-cpe:/a:oracle:linux:perl-filter, p-cpe:/a:oracle:linux:perl-odbm_file, p-cpe:/a:oracle:linux:perl-module-metadata, p-cpe:/a:oracle:linux:perl-extutils-parsexs, p-cpe:/a:oracle:linux:perl-object-hashbase, p-cpe:/a:oracle:linux:perl-ipc-sysv, cpe:/o:oracle:linux:8, p-cpe:/a:oracle:linux:perl-deprecate, p-cpe:/a:oracle:linux:perl-encoding, p-cpe:/a:oracle:linux:perl-module-load, p-cpe:/a:oracle:linux:perl-macros, p-cpe:/a:oracle:linux:perl-io-socket-ip, p-cpe:/a:oracle:linux:perl-thread-queue, p-cpe:/a:oracle:linux:perl-b, p-cpe:/a:oracle:linux:perl-opcode, p-cpe:/a:oracle:linux:perl-perlio-via-quotedprint, p-cpe:/a:oracle:linux:perl-tie-memoize, p-cpe:/a:oracle:linux:perl-module-corelist, p-cpe:/a:oracle:linux:perl-software-license, p-cpe:/a:oracle:linux:perl-test-simple, p-cpe:/a:oracle:linux:perl-http-tiny, p-cpe:/a:oracle:linux:perl-time-local, p-cpe:/a:oracle:linux:perl-encode-locale, p-cpe:/a:oracle:linux:perl-compress-raw-bzip2, p-cpe:/a:oracle:linux:perl-text-glob, p-cpe:/a:oracle:linux:perl-tie-file, p-cpe:/a:oracle:linux:perl-io-zlib, p-cpe:/a:oracle:linux:perl-fedora-vsp, p-cpe:/a:oracle:linux:perl-podlators, p-cpe:/a:oracle:linux:perl-importer, p-cpe:/a:oracle:linux:perl-sys-hostname, p-cpe:/a:oracle:linux:perl-thread, p-cpe:/a:oracle:linux:perl-autoloader, p-cpe:/a:oracle:linux:perl-overloading, p-cpe:/a:oracle:linux:perl-scalar-list-utils, p-cpe:/a:oracle:linux:perl-diagnostics, p-cpe:/a:oracle:linux:perl-text-balanced, p-cpe:/a:oracle:linux:perl-selfloader, p-cpe:/a:oracle:linux:perl-i18n-langinfo, p-cpe:/a:oracle:linux:perl-memoize, p-cpe:/a:oracle:linux:perl-term-cap, p-cpe:/a:oracle:linux:perl-data-section, p-cpe:/a:oracle:linux:perl-constant, p-cpe:/a:oracle:linux:perl-carp, p-cpe:/a:oracle:linux:perl-sub-exporter, p-cpe:/a:oracle:linux:perl-ipc-cmd, p-cpe:/a:oracle:linux:perl-math-bigint, p-cpe:/a:oracle:linux:perl-pod-escapes, p-cpe:/a:oracle:linux:perl-autodie, p-cpe:/a:oracle:linux:perl-getopt-long, p-cpe:/a:oracle:linux:perl-math-bigint-fastcalc, p-cpe:/a:oracle:linux:perl-file-dosglob, p-cpe:/a:oracle:linux:perl-hash-util, p-cpe:/a:oracle:linux:perl-file-stat, p-cpe:/a:oracle:linux:perl-homedir, p-cpe:/a:oracle:linux:perl-filehandle, p-cpe:/a:oracle:linux:perl-unicode-ucd, p-cpe:/a:oracle:linux:perl-file-path, p-cpe:/a:oracle:linux:perl-parent, p-cpe:/a:oracle:linux:perl-cpan-meta, p-cpe:/a:oracle:linux:perl-local-lib, p-cpe:/a:oracle:linux:perl-threads, p-cpe:/a:oracle:linux:perl-cpan-meta-yaml, p-cpe:/a:oracle:linux:perl-pathtools, p-cpe:/a:oracle:linux:perl-inc-latest, p-cpe:/a:oracle:linux:perl-devel-size, p-cpe:/a:oracle:linux:perl-package-generator, p-cpe:/a:oracle:linux:perl-file-homedir, p-cpe:/a:oracle:linux:perl-locale-maketext-simple, p-cpe:/a:oracle:linux:perl-vmsish, p-cpe:/a:oracle:linux:perl-file-basename, p-cpe:/a:oracle:linux:perl-digest, p-cpe:/a:oracle:linux:perl-json-pp, p-cpe:/a:oracle:linux:perl-locale, p-cpe:/a:oracle:linux:perl-file-which, p-cpe:/a:oracle:linux:perl-getopt-std, p-cpe:/a:oracle:linux:perl-archive-zip, p-cpe:/a:oracle:linux:perl-posix, p-cpe:/a:oracle:linux:perl-safe, p-cpe:/a:oracle:linux:perl-less, p-cpe:/a:oracle:linux:perl-findbin, p-cpe:/a:oracle:linux:perl-term-complete, p-cpe:/a:oracle:linux:perl-generators, p-cpe:/a:oracle:linux:perl-module-corelist-tools, p-cpe:/a:oracle:linux:perl-extutils-constant, p-cpe:/a:oracle:linux:perl-file-temp, p-cpe:/a:oracle:linux:perl-term-table, p-cpe:/a:oracle:linux:perl-math-complex, p-cpe:/a:oracle:linux:perl-extutils-miniperl, p-cpe:/a:oracle:linux:perl-filetest, p-cpe:/a:oracle:linux:perl-libnetcfg, p-cpe:/a:oracle:linux:perl-pod-html, p-cpe:/a:oracle:linux:perl-dynaloader, p-cpe:/a:oracle:linux:perl-file-compare, p-cpe:/a:oracle:linux:perl-exporter, p-cpe:/a:oracle:linux:perl-text-diff, p-cpe:/a:oracle:linux:perl-fcntl, p-cpe:/a:oracle:linux:perl-gdbm_file, p-cpe:/a:oracle:linux:perl-experimental, p-cpe:/a:oracle:linux:perl-autosplit, p-cpe:/a:oracle:linux:perl-overload, p-cpe:/a:oracle:linux:perl-data-optlist, p-cpe:/a:oracle:linux:perl-devel, p-cpe:/a:oracle:linux:perl-term-ansicolor, p-cpe:/a:oracle:linux:perl-compress-raw-zlib, p-cpe:/a:oracle:linux:perl-file-find, p-cpe:/a:oracle:linux:perl-autouse, p-cpe:/a:oracle:linux:perl-text-tabs%2bwrap
必要な KB アイテム: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/OracleLinux
エクスプロイトの容易さ: No known exploits are available
パッチ公開日: 2024/5/24
脆弱性公開日: 2023/11/30
参照情報
CVE: CVE-2023-47038