MidnightBSD

Advisories for gisle_aas

CVE-2002-0703 HIGH

An interaction between the Perl MD5 module (perl-Digest-MD5) and Perl could produce incorrect MD5 checksums for UTF-8 data, which could prevent a system from properly verifying the integrity of the data.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
gisle_aas digest-md5 2.18
gisle_aas digest-md5 2.17
gisle_aas digest-md5 2.16
gisle_aas digest-md5 2.19
CVE-2010-2253 MEDIUM

lwp-download in libwww-perl before 5.835 does not reject downloads to filenames that begin with a . (dot) character, which allows remote servers to create or overwrite files via (1) a 3xx redirect to a URL with a crafted filename or (2) a Content-Disposition header that suggests a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
gisle_aas libwww-perl 5.44
gisle_aas libwww-perl 5.821
gisle_aas libwww-perl 5.10
gisle_aas libwww-perl 5.53_92
gisle_aas libwww-perl 5.51
gisle_aas libwww-perl 5.21
gisle_aas libwww-perl 0.03
gisle_aas libwww-perl 5.807
gisle_aas libwww-perl 5b9
gisle_aas libwww-perl 5.14
gisle_aas libwww-perl 5.53_95
gisle_aas libwww-perl 5.18_05
gisle_aas libwww-perl 5.45
gisle_aas libwww-perl 5.817
gisle_aas libwww-perl 5.53_93
gisle_aas libwww-perl 5.17
gisle_aas libwww-perl 5.63
gisle_aas libwww-perl 5.50
gisle_aas libwww-perl 5.828
gisle_aas libwww-perl 5.66
gisle_aas libwww-perl 5.822
gisle_aas libwww-perl 5.34
gisle_aas libwww-perl 5.814
gisle_aas libwww-perl 5.53
gisle_aas libwww-perl 5.78
gisle_aas libwww-perl 0.04
gisle_aas libwww-perl 5.826
gisle_aas libwww-perl 5.805
gisle_aas libwww-perl 5.816
gisle_aas libwww-perl 5.831
gisle_aas libwww-perl 5b7
gisle_aas libwww-perl 5.61
gisle_aas libwww-perl 5.18_03
gisle_aas libwww-perl 5.41
gisle_aas libwww-perl 5.46
gisle_aas libwww-perl 5.53_91
gisle_aas libwww-perl 5.73
gisle_aas libwww-perl 5.815
gisle_aas libwww-perl 5.830
gisle_aas libwww-perl 5.12
gisle_aas libwww-perl 5.62
gisle_aas libwww-perl 5.31
gisle_aas libwww-perl 5.75
gisle_aas libwww-perl 5.18
gisle_aas libwww-perl 5.07
gisle_aas libwww-perl 5.33
gisle_aas libwww-perl 5.819
gisle_aas libwww-perl 5.08
gisle_aas libwww-perl 5.76
gisle_aas libwww-perl 5.67
gisle_aas libwww-perl 5b11
gisle_aas libwww-perl 5.05
gisle_aas libwww-perl 5.832
gisle_aas libwww-perl 5.47
gisle_aas libwww-perl 5.811
search.cpan libwww-perl *
gisle_aas libwww-perl 5.53_90
gisle_aas libwww-perl 5.15
gisle_aas libwww-perl 5.01
gisle_aas libwww-perl 5.802
gisle_aas libwww-perl 5.829
gisle_aas libwww-perl 5b10
gisle_aas libwww-perl 5.823
search.cpan libwww-perl 5.40_01
gisle_aas libwww-perl 5.60
gisle_aas libwww-perl 5.09
gisle_aas libwww-perl 5.03
gisle_aas libwww-perl 5b8
gisle_aas libwww-perl 5.69
gisle_aas libwww-perl 5.808
gisle_aas libwww-perl 5.20
gisle_aas libwww-perl 5.49
gisle_aas libwww-perl 5.52
gisle_aas libwww-perl 5.30
gisle_aas libwww-perl 5.801
gisle_aas libwww-perl 5.22
gisle_aas libwww-perl 5.32
gisle_aas libwww-perl 5.71
gisle_aas libwww-perl 5.818
gisle_aas libwww-perl 5.48
gisle_aas libwww-perl 5.18_04
gisle_aas libwww-perl 5.77
gisle_aas libwww-perl 5.825
gisle_aas libwww-perl 5.806
gisle_aas libwww-perl 5.813
gisle_aas libwww-perl 5.00
gisle_aas libwww-perl 5.36
gisle_aas libwww-perl 5.65
gisle_aas libwww-perl 5.800
gisle_aas libwww-perl 5.06
gisle_aas libwww-perl 5.19
gisle_aas libwww-perl 5.68
gisle_aas libwww-perl 5.803
gisle_aas libwww-perl 5.810
gisle_aas libwww-perl 5b5
gisle_aas libwww-perl 5.824
gisle_aas libwww-perl 5.35
gisle_aas libwww-perl 5.70
gisle_aas libwww-perl 5.13
gisle_aas libwww-perl 5.43
gisle_aas libwww-perl 5b12
gisle_aas libwww-perl 0.01
gisle_aas libwww-perl 5.16
gisle_aas libwww-perl 5.53_96
gisle_aas libwww-perl 5.74
gisle_aas libwww-perl 5.804
gisle_aas libwww-perl 5.72
gisle_aas libwww-perl 5.02
gisle_aas libwww-perl 5.11
gisle_aas libwww-perl 5.833
gisle_aas libwww-perl 0.02
gisle_aas libwww-perl 5.04
gisle_aas libwww-perl 5b6
gisle_aas libwww-perl 5b13
gisle_aas libwww-perl 5.64
gisle_aas libwww-perl 5.42
gisle_aas libwww-perl 5.827
gisle_aas libwww-perl 5.53_94
gisle_aas libwww-perl 5.53_97
gisle_aas libwww-perl 5.820
gisle_aas libwww-perl 5.79
gisle_aas libwww-perl 5.812
CVE-2011-0633 MEDIUM

The Net::HTTPS module in libwww-perl (LWP) before 6.00, as used in WWW::Mechanize, LWP::UserAgent, and other products, when running in environments that do not set the If-SSL-Cert-Subject header, does not enable full validation of SSL certificates by default, which allows remote attackers to spoof servers via man-in-the-middle (MITM) attacks involving hostnames that are not properly validated. NOTE: it could be argued that this is a design limitation of the Net::HTTPS API, and separate implementations should be independently assigned CVE identifiers for not working around this limitation. However, because this API was modified within LWP, a single CVE identifier has been assigned.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
gisle_aas libwww-perl 5.44
gisle_aas libwww-perl 5.821
gisle_aas libwww-perl 5.10
gisle_aas libwww-perl 5.53_92
gisle_aas libwww-perl 5.51
gisle_aas libwww-perl 5.21
gisle_aas libwww-perl 0.03
gisle_aas libwww-perl 5.807
gisle_aas libwww-perl 5b9
gisle_aas libwww-perl 5.14
gisle_aas libwww-perl 5.53_95
gisle_aas libwww-perl 5.18_05
gisle_aas libwww-perl 5.45
gisle_aas libwww-perl 5.817
gisle_aas libwww-perl 5.53_93
gisle_aas libwww-perl 5.17
gisle_aas libwww-perl 5.63
gisle_aas libwww-perl 5.50
gisle_aas libwww-perl 5.828
gisle_aas libwww-perl 5.66
gisle_aas libwww-perl 5.822
gisle_aas libwww-perl 5.34
gisle_aas libwww-perl 5.814
gisle_aas libwww-perl 5.53
gisle_aas libwww-perl 5.78
gisle_aas libwww-perl 0.04
gisle_aas libwww-perl 5.826
gisle_aas libwww-perl 5.805
gisle_aas libwww-perl 5.816
gisle_aas libwww-perl 5.831
gisle_aas libwww-perl 5b7
gisle_aas libwww-perl 5.61
gisle_aas libwww-perl 5.18_03
gisle_aas libwww-perl 5.41
gisle_aas libwww-perl 5.46
gisle_aas libwww-perl 5.53_91
gisle_aas libwww-perl 5.73
gisle_aas libwww-perl 5.815
gisle_aas libwww-perl 5.830
gisle_aas libwww-perl 5.12
gisle_aas libwww-perl 5.62
gisle_aas libwww-perl 5.31
gisle_aas libwww-perl 5.75
gisle_aas libwww-perl 5.18
gisle_aas libwww-perl 5.07
gisle_aas libwww-perl 5.33
gisle_aas libwww-perl 5.819
gisle_aas libwww-perl 5.08
gisle_aas libwww-perl 5.76
gisle_aas libwww-perl 5.67
gisle_aas libwww-perl 5b11
gisle_aas libwww-perl 5.05
gisle_aas libwww-perl 5.832
gisle_aas libwww-perl 5.47
gisle_aas libwww-perl 5.811
search.cpan libwww-perl *
gisle_aas libwww-perl 5.53_90
gisle_aas libwww-perl 5.15
gisle_aas libwww-perl 5.01
gisle_aas libwww-perl 5.802
gisle_aas libwww-perl 5.829
gisle_aas libwww-perl 5b10
gisle_aas libwww-perl 5.823
search.cpan libwww-perl 5.40_01
gisle_aas libwww-perl 5.60
gisle_aas libwww-perl 5.09
gisle_aas libwww-perl 5.836
gisle_aas libwww-perl 5.03
gisle_aas libwww-perl 5b8
gisle_aas libwww-perl 5.69
gisle_aas libwww-perl 5.808
gisle_aas libwww-perl 5.20
gisle_aas libwww-perl 5.49
gisle_aas libwww-perl 5.52
gisle_aas libwww-perl 5.30
gisle_aas libwww-perl 5.801
gisle_aas libwww-perl 5.22
gisle_aas libwww-perl 5.32
gisle_aas libwww-perl 5.71
gisle_aas libwww-perl 5.818
gisle_aas libwww-perl 5.48
gisle_aas libwww-perl 5.18_04
gisle_aas libwww-perl 5.77
gisle_aas libwww-perl 5.825
gisle_aas libwww-perl 5.806
gisle_aas libwww-perl 5.813
gisle_aas libwww-perl 5.00
gisle_aas libwww-perl 5.36
gisle_aas libwww-perl 5.65
gisle_aas libwww-perl 5.800
gisle_aas libwww-perl 5.06
gisle_aas libwww-perl 5.19
gisle_aas libwww-perl 5.68
gisle_aas libwww-perl 5.803
gisle_aas libwww-perl 5.810
gisle_aas libwww-perl 5b5
gisle_aas libwww-perl 5.824
gisle_aas libwww-perl 5.35
gisle_aas libwww-perl 5.834
gisle_aas libwww-perl 5.70
gisle_aas libwww-perl 5.13
gisle_aas libwww-perl 5.43
gisle_aas libwww-perl 5b12
gisle_aas libwww-perl 0.01
gisle_aas libwww-perl 5.16
gisle_aas libwww-perl 5.53_96
gisle_aas libwww-perl 5.74
gisle_aas libwww-perl 5.804
gisle_aas libwww-perl 5.72
gisle_aas libwww-perl 5.02
gisle_aas libwww-perl 5.11
gisle_aas libwww-perl 5.833
gisle_aas libwww-perl 0.02
gisle_aas libwww-perl 5.04
gisle_aas libwww-perl 5b6
gisle_aas libwww-perl 5b13
gisle_aas libwww-perl 5.64
gisle_aas libwww-perl 5.42
gisle_aas libwww-perl 5.827
gisle_aas libwww-perl 5.53_94
gisle_aas libwww-perl 5.53_97
gisle_aas libwww-perl 5.820
gisle_aas libwww-perl 5.79
gisle_aas libwww-perl 5.812
CVE-2011-3597 HIGH

Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
gisle_aas digest 1.09
gisle_aas digest 1.04
gisle_aas digest 1.10
gisle_aas digest 1.11
gisle_aas digest 1.07
gisle_aas digest 1.02
gisle_aas digest 1.03
gisle_aas digest 1.00
gisle_aas digest 1.15
gisle_aas digest 1.12
gisle_aas digest 1.06
gisle_aas digest 1.01
gisle_aas digest 1.16
gisle_aas digest 1.13
gisle_aas digest 1.08
gisle_aas digest 1.14
gisle_aas digest 1.05