CVE-2011-3597 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.5 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:N/C:P/I:P/A:P

Base Score

CVSS 3.x

EPSS Score

Percentile: 93%

Affected Products (NVD)

Vendor	Product	Version
gisle_aas	digest	1.00
gisle_aas	digest	1.01
gisle_aas	digest	1.02
gisle_aas	digest	1.03
gisle_aas	digest	1.04
gisle_aas	digest	1.05
gisle_aas	digest	1.06
gisle_aas	digest	1.07
gisle_aas	digest	1.08
gisle_aas	digest	1.09
gisle_aas	digest	1.10
gisle_aas	digest	1.11
gisle_aas	digest	1.12
gisle_aas	digest	1.13
gisle_aas	digest	1.14
gisle_aas	digest	1.15
gisle_aas	digest	1.16

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

perl

bookworm	5.36.0-7+deb12u1 fixed
bullseye	5.32.1-4+deb11u3 fixed
bullseye (security)	5.32.1-4+deb11u4 fixed
lenny	no-dsa
sid	5.40.0-6 fixed
trixie	5.40.0-6 fixed

Ubuntu Releases

Ubuntu Product

Codename

libdigest-perl

hardy	ignored
lucid	ignored
maverick	ignored
natty	ignored
oneiric	ignored
precise	not-affected
quantal	not-affected
raring	not-affected
saucy	not-affected

perl

hardy	Fixed 5.8.8-12ubuntu0.7 released
lucid	Fixed 5.10.1-8ubuntu2.2 released
maverick	ignored
natty	ignored
oneiric	Fixed 5.12.4-4ubuntu0.1 released
precise	not-affected
quantal	not-affected
raring	not-affected
saucy	not-affected

Red Hat Enterprise Linux Releases

Red Hat Product

Release

perl

RHEL 6

4:5.10.1-119.el6_1.1

fixed

perl-Archive-Extract

RHEL 6

1:0.38-119.el6_1.1

fixed

perl-Archive-Tar

RHEL 6

0:1.58-119.el6_1.1

fixed

perl-CGI

RHEL 6

0:3.51-119.el6_1.1

fixed

perl-CPAN

RHEL 6

0:1.9402-119.el6_1.1

fixed

perl-CPANPLUS

RHEL 6

0:0.88-119.el6_1.1

fixed

perl-Compress-Raw-Zlib

RHEL 6

0:2.023-119.el6_1.1

fixed

perl-Compress-Zlib

RHEL 6

0:2.020-119.el6_1.1

fixed

perl-Digest-SHA

RHEL 6

1:5.47-119.el6_1.1

fixed

perl-ExtUtils-CBuilder

RHEL 6

1:0.27-119.el6_1.1

fixed

perl-ExtUtils-Embed

RHEL 6

0:1.28-119.el6_1.1

fixed

perl-ExtUtils-MakeMaker

RHEL 6

0:6.55-119.el6_1.1

fixed

perl-ExtUtils-ParseXS

RHEL 6

1:2.2003.0-119.el6_1.1

fixed

perl-File-Fetch

RHEL 6

0:0.26-119.el6_1.1

fixed

perl-IO-Compress-Base

RHEL 6

0:2.020-119.el6_1.1

fixed

perl-IO-Compress-Zlib

RHEL 6

0:2.020-119.el6_1.1

fixed

perl-IO-Zlib

RHEL 6

1:1.09-119.el6_1.1

fixed

perl-IPC-Cmd

RHEL 6

1:0.56-119.el6_1.1

fixed

perl-Locale-Maketext-Simple

RHEL 6

1:0.18-119.el6_1.1

fixed

perl-Log-Message

RHEL 6

1:0.02-119.el6_1.1

fixed

perl-Log-Message-Simple

RHEL 6

0:0.04-119.el6_1.1

fixed

perl-Module-Build

RHEL 6

1:0.3500-119.el6_1.1

fixed

perl-Module-CoreList

RHEL 6

0:2.18-119.el6_1.1

fixed

perl-Module-Load

RHEL 6

1:0.16-119.el6_1.1

fixed

perl-Module-Load-Conditional

RHEL 6

0:0.30-119.el6_1.1

fixed

perl-Module-Loaded

RHEL 6

1:0.02-119.el6_1.1

fixed

perl-Module-Pluggable

RHEL 6

1:3.90-119.el6_1.1

fixed

perl-Object-Accessor

RHEL 6

1:0.34-119.el6_1.1

fixed

perl-Package-Constants

RHEL 6

1:0.02-119.el6_1.1

fixed

perl-Params-Check

RHEL 6

1:0.26-119.el6_1.1

fixed

perl-Parse-CPAN-Meta

RHEL 6

1:1.40-119.el6_1.1

fixed

perl-Pod-Escapes

RHEL 6

1:1.04-119.el6_1.1

fixed

perl-Pod-Simple

RHEL 6

1:3.13-119.el6_1.1

fixed

perl-Term-UI

RHEL 6

0:0.20-119.el6_1.1

fixed

perl-Test-Harness

RHEL 6

0:3.17-119.el6_1.1

fixed

perl-Test-Simple

RHEL 6

0:0.92-119.el6_1.1

fixed

perl-Time-HiRes

RHEL 6

4:1.9721-119.el6_1.1

fixed

perl-Time-Piece

RHEL 6

0:1.15-119.el6_1.1

fixed

perl-core

RHEL 6

0:5.10.1-119.el6_1.1

fixed

perl-devel

RHEL 6

4:5.10.1-119.el6_1.1

fixed

perl-libs

RHEL 6

4:5.10.1-119.el6_1.1

fixed

perl-parent

RHEL 6

1:0.221-119.el6_1.1

fixed

perl-suidperl

RHEL 6

4:5.10.1-119.el6_1.1

fixed

perl-version

RHEL 6

3:0.77-119.el6_1.1

fixed

Common Weakness Enumeration

CWE-20 - Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References

http://aix.software.ibm.com/aix/efixes/security/perl_advisory2.asc

http://cpansearch.perl.org/src/GAAS/Digest-1.17/Changes

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735

http://secunia.com/advisories/46279

http://secunia.com/advisories/51457

http://www.mandriva.com/security/advisories?name=MDVSA-2012:008

http://www.mandriva.com/security/advisories?name=MDVSA-2012:009

http://www.redhat.com/support/errata/RHSA-2011-1424.html

http://www.redhat.com/support/errata/RHSA-2011-1797.html

http://www.securityfocus.com/bid/49911

http://www.ubuntu.com/usn/USN-1643-1

https://bugzilla.redhat.com/show_bug.cgi?id=743010

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19446

http://aix.software.ibm.com/aix/efixes/security/perl_advisory2.asc

http://cpansearch.perl.org/src/GAAS/Digest-1.17/Changes

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735

http://secunia.com/advisories/46279

http://secunia.com/advisories/51457

http://www.mandriva.com/security/advisories?name=MDVSA-2012:008

http://www.mandriva.com/security/advisories?name=MDVSA-2012:009

http://www.redhat.com/support/errata/RHSA-2011-1424.html

http://www.redhat.com/support/errata/RHSA-2011-1797.html

http://www.securityfocus.com/bid/49911

http://www.ubuntu.com/usn/USN-1643-1

https://bugzilla.redhat.com/show_bug.cgi?id=743010

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19446