PublicDateAtUSN: 2010-12-06
Candidate: CVE-2010-4411
PublicDate: 2010-12-06 20:13:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4411
 http://openwall.com/lists/oss-security/2010/12/01/3
 https://ubuntu.com/security/notices/USN-1129-1
Description:
 Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote
 attackers to inject arbitrary HTTP headers and conduct HTTP response
 splitting attacks via unknown vectors.  NOTE: this issue exists because of
 an incomplete fix for CVE-2010-2761.
Ubuntu-Description:
Notes:
 mdeslaur> debian fix in perl is cgi-multiline-header.diff
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_libcgi-pm-perl:
upstream_libcgi-pm-perl: released (3.51)
dapper_libcgi-pm-perl: DNE
hardy_libcgi-pm-perl: DNE
karmic_libcgi-pm-perl: ignored (reached end-of-life)
lucid_libcgi-pm-perl: ignored (reached end-of-life)
maverick_libcgi-pm-perl: ignored (reached end-of-life)
natty_libcgi-pm-perl: not-affected (3.51-1)
oneiric_libcgi-pm-perl: not-affected (3.51-1)
precise_libcgi-pm-perl: not-affected (3.51-1)
quantal_libcgi-pm-perl: not-affected (3.51-1)
raring_libcgi-pm-perl: not-affected (3.51-1)
saucy_libcgi-pm-perl: not-affected (3.51-1)
devel_libcgi-pm-perl: not-affected (3.51-1)

Patches_libcgi-simple-perl:
upstream_libcgi-simple-perl: released (1.111-2)
dapper_libcgi-simple-perl: ignored (reached end-of-life)
hardy_libcgi-simple-perl: ignored (reached end-of-life)
karmic_libcgi-simple-perl: ignored (reached end-of-life)
lucid_libcgi-simple-perl: ignored (reached end-of-life)
maverick_libcgi-simple-perl: ignored (reached end-of-life)
natty_libcgi-simple-perl: not-affected (1.111-2)
oneiric_libcgi-simple-perl: not-affected (1.111-2)
precise_libcgi-simple-perl: not-affected (1.111-2)
quantal_libcgi-simple-perl: not-affected (1.111-2)
raring_libcgi-simple-perl: not-affected (1.111-2)
saucy_libcgi-simple-perl: not-affected (1.111-2)
devel_libcgi-simple-perl: not-affected (1.111-2)

Patches_perl:
upstream_perl: released (5.10.1-17)
dapper_perl: released (5.8.7-10ubuntu1.3)
hardy_perl: released (5.8.8-12ubuntu0.5)
karmic_perl: ignored (reached end-of-life)
lucid_perl: released (5.10.1-8ubuntu2.1)
maverick_perl: released (5.10.1-12ubuntu2.1)
natty_perl: not-affected (5.10.1-17ubuntu1)
oneiric_perl: not-affected (5.10.1-17ubuntu1)
precise_perl: not-affected (5.10.1-17ubuntu1)
quantal_perl: not-affected (5.10.1-17ubuntu1)
raring_perl: not-affected (5.10.1-17ubuntu1)
saucy_perl: not-affected (5.10.1-17ubuntu1)
devel_perl: not-affected (5.10.1-17ubuntu1)