Net-Server 0.84 Deleted
Security Advisories
CVE-2005-1127
Format string vulnerability in the log function in Net::Server 0.87 and earlier, as used in Postfix Greylisting Policy Server (Postgrey) 1.18 and earlier, and possibly other products, allows remote attackers to cause a denial of service (crash) via format string specifiers that are not properly handled before being sent to syslog, as demonstrated using sender addresses to Postgrey.
- http://lists.ee.ethz.ch/postgrey/msg00627.html
- http://lists.ee.ethz.ch/postgrey/msg00630.html
- http://lists.ee.ethz.ch/postgrey/msg00647.html
- http://www.osvdb.org/15517
- http://secunia.com/advisories/14958
- http://www.debian.org/security/2006/dsa-1121
- http://www.debian.org/security/2006/dsa-1122
- http://secunia.com/advisories/21164
- http://secunia.com/advisories/21152
- http://secunia.com/advisories/21149
- http://www.gentoo.org/security/en/glsa/glsa-200608-18.xml
- http://www.securityfocus.com/bid/13193
- http://secunia.com/advisories/21452
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:131
- http://marc.info/?l=full-disclosure&m=111354538331167&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20108
Fixed version: >0.87
Reported: 2005-05-02
Kwalitee Issues
- has_meta_yml
-
Add a META.yml to the distribution. Your buildtool should be able to autogenerate it.
- prereq_matches_use
-
List all used modules in META.yml requires
Error:
- IO::Multiplex
- IO::Socket::SSL
- has_meta_json
-
Add a META.json to the distribution. Your buildtool should be able to autogenerate it.
- meta_yml_has_license
-
Define the license if you are using in Build.PL. If you are using MakeMaker (Makefile.PL) you should upgrade to ExtUtils::MakeMaker version 6.31.
- use_warnings
-
Add 'use warnings' (or its equivalents) to all modules, or convince us that your favorite module is well-known enough and people can easily see the modules warn when something bad happens.
Error: Net::Server, Net::Server::Daemonize, Net::Server::Fork, Net::Server::INET, Net::Server::MultiType, Net::Server::Multiplex, Net::Server::PreFork, Net::Server::PreForkSimple, Net::Server::Proto, Net::Server::Proto::SSL, Net::Server::Proto::TCP, Net::Server::Proto::UDP, Net::Server::Proto::UNIX, Net::Server::SIG, Net::Server::Single
- no_invalid_versions
-
Fix the version numbers so that version::is_lax($version) returns true.
Error:
- lib/Net/Server/Fork.pm: HASH(0x55607c705018)
- lib/Net/Server/INET.pm: HASH(0x55607c704598)
- lib/Net/Server/MultiType.pm: HASH(0x55607c555c98)
- lib/Net/Server/Multiplex.pm: HASH(0x55607c581998)
- lib/Net/Server/PreFork.pm: HASH(0x55607c625418)
- lib/Net/Server/PreForkSimple.pm: HASH(0x55607c57beb8)
- lib/Net/Server/Proto.pm: HASH(0x55607c6bcee0)
- lib/Net/Server/Proto/SSL.pm: HASH(0x55607c598ee8)
- lib/Net/Server/Proto/TCP.pm: HASH(0x55607c5942b0)
- lib/Net/Server/Proto/UDP.pm: HASH(0x55607c795d48)
- lib/Net/Server/Proto/UNIX.pm: HASH(0x55607c53d258)
- lib/Net/Server/Single.pm: HASH(0x55607c5999c8)
- consistent_version
-
Split the distribution, or fix the version numbers to make them consistent (use the highest version number to avoid version downgrade).
Error: 0.01,0.04,0.84
- has_separate_license_file
-
This is not a critical issue. Currently mainly informative for the CPANTS authors. It might be removed later.
Modules
Name | Abstract | Version | View |
---|---|---|---|
Net::Server | Extensible, general Perl server engine | 0.84 | metacpan |
Net::Server::Daemonize | bdpf Safe fork and daemonization utilities | 0.04 | metacpan |
Net::Server::Fork | Net::Server personality | metacpan | |
Net::Server::INET | Net::Server personality | metacpan | |
Net::Server::MultiType | Net::Server personality | metacpan | |
Net::Server::Multiplex | Multiplex several connections within one process | metacpan | |
Net::Server::PreFork | Net::Server personality | metacpan | |
Net::Server::PreForkSimple | Net::Server personality | metacpan | |
Net::Server::Proto | adp0 - Net::Server Protocol compatibility layer | metacpan | |
Net::Server::Proto::SSL | adp0 - Net::Server SSL protocol. | metacpan | |
Net::Server::Proto::TCP | adp0 - Net::Server TCP protocol. | metacpan | |
Net::Server::Proto::UDP | adp0 - Net::Server UDP protocol. | metacpan | |
Net::Server::Proto::UNIX | adp0 - Net::Server UNIX protocol. | metacpan | |
Net::Server::SIG | adpf - Safer signal handling | 0.01 | metacpan |
Net::Server::Single | Net::Server personality | metacpan |