CVE-2014-9906 Ubuntu Security Notification for Libdbd-mysql-perl Vulnerabilities (USN-3103-1)

2016年10月24日 1334点热度 0人点赞 0条评论

漏洞类别：Ubuntu

漏洞等级：

漏洞信息

It was discovered that DBD::mysql incorrectly handled certain memory operations.

It was discovered that DBD::mysql incorrectly handled certain user supplied data.

漏洞危害

A remote attacker could use this issue to cause DBD::mysql to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2014-9906)

A remote attacker could use this issue to cause DBD::mysql to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-8949)

A remote attacker could use this issue to cause DBD::mysql to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-1246)

解决方案

Refer to Ubuntu advisory USN-3103-1 for affected packages and patching details, or update with your package manager.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

USN-3103-1: 14.04 (Kylin) on src (libdbd-mysql-perl)

USN-3103-1: 12.04 (Precise) on src (libdbd-mysql-perl)

0day

CVE-2014-9906 Ubuntu Security Notification for Libdbd-mysql-perl Vulnerabilities (USN-3103-1)

文章评论