First of all I'm sorry that this thread will appear to be off topic but I searched SECURITY category and is not present, so I wrote this here, in this category where, I think, are more services affected on a server.
Well, in this morning I read the internal mail and found out that my server has a vulnerable package to DOS attacks and not only (perl5-5.18.4_11).
So I do a
Well, the last one is interesteing for me ( >= 0 : < 5.6.2 ). So I was wondering in how much time a patch for these vulnerabilities are released? Or if exist already where it is? Because I'm a little bit freaked out here!
What should I do ?
Well, in this morning I read the internal mail and found out that my server has a vulnerable package to DOS attacks and not only (perl5-5.18.4_11).
So I do a
pkg audit perl | more
and here it is:
Code:
Affected versions:
>= 5.16.0 : < 5.16.2_1
>= 5.14.0 : < 5.14.2_3
perl -- denial of service via algoritmic complexity attack on hash routines
CVE: CVE-2013-1667
>= 5.8.0 : 5.8.9
perl -- Directory Permission Race Condition
CVE: CVE-2005-0448
> 5.8.* : < 5.8.8_1
PERL -- regular exxpression unicode data buffer overflow
CVE: CVE-2007-5116
>= 5.8 : < 5.8.6_2
perl -- vulnerabilities in PERLIO_DEBUG handling
CVE: CVE-2005-0156
CVE: CVE-2005-0155
>= 5.8.0 : < 5.8.7_1
>= 5.6.0 : < 5.6.2
perl, webmin, usermin -- perl format string integer wrap vulnerability
CVE: CVE-2005-3962
CVE: CVE-2005-3912
>= 5.8.0 : < 5.8.6
>= 0 : < 5.6.2
perl -- File::Path insecure file/directory permissions
CVE: CVE-2004-0452
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0452
What should I do ?