navigation bar left navigation bar right

Secunia CSI7
navigation left tab Advisories navigation right tab
navigation left tab Research navigation right tab
navigation left tab Forums navigation right tab
navigation left tab Create Profile navigation right tab
navigation left tab Our Commitment navigation right tab
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: PCRE 6.x 6.4.2194.685 End of Life

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
MySQL
And, this specific program:
MySQL Query Browser 1.x

This thread has been marked as locked.
nvsoar PCRE 6.x 6.4.2194.685 End of Life
Member 16th May, 2010 16:16
Ranking: 2
Posts: 6
User Since: 16th May, 2010
System Score: N/A
Location: US
Re: End of Life
PCRE 6.x 6.4.2194.685
PCRE 6.x - This installation of PCRE 6.x is end-of-life and potentially exposes your system to security threats!
C:\Program Files\MySQL\MySQL Tools for 5.0\pcre3.dll

Does the false positive for Webroot acknowledged by E Petersen also apply to the above installation?

FWIW - the alert disappears if I select the simple interface; and then reappears when I select the advanced PSI interface.

Thank you for your assistance,
nvsoar




TiMow RE: PCRE 6.x 6.4.2194.685 End of Life
Dedicated Contributor 16th May, 2010 17:06
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH
Hi nvsoar

The thread link below deals with the same software, but not necessarily the same issue - is this where you get the reference to E. Petersen from, re. false positive?
The posters seem to have resolved their problem(s), here, though.

http://secunia.com/community/forum/thread/show/421...

Just a brief point re. simple vs. advanced interface.

PSI scans all programs on your PC; - only those deemed by Secunia as "easy" to patch, for users who may not feel confident in addressing more demanding problems, are reported under the simple mode. All programs requiring attention/patching are reported under advanced mode.

By switching from advanced to simple doest not remove the vulnerability, though - just because it may not be reported under simple , doesn't mean that it's not a problem, requiring action (patching) - and should be dealt with.

In reality, the majority (if not all) users should have no difficulties in using the advanced mode interface, and are advised to do so (by many forum members), for the additional info. that is available.

TiMow

--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+0
-0
nvsoar RE: PCRE 6.x 6.4.2194.685 End of Life
Member 16th May, 2010 19:38
Score: 2
Posts: 6
User Since: 16th May 2010
System Score: N/A
Location: US
Thank you for the clarification regarding PSI display modes.

Your are correct in the forum item citation. I read that thread before sending my message and concluded from the content that the issue with the Webroot program was resolved by modifying the Secunia rules.

I am not prepared to go to the MySQL Workbench since the interface tools that I use are still in Beta. Thus I would like to safely continue using the existing MySQL tool kit which Workbench will eventually replace.

The issue with Webroot appeared to me to be a false positive resolved by altering the Secunia rules. Thus my query to see if that also applies to MySQL Tools.
Was this reply relevant?
+0
-0
This user no longer exists RE: PCRE 6.x 6.4.2194.685 End of Life
Member 17th May, 2010 09:44
Last edited on 17th May, 2010 09:45 Hi,

The PSI bases it's intelligence on advisories and confirmed vulnerabilities. This means that, even though a library is potentially insecure (ie. has insecure uses) it is not necessarily exploitable, as it has yet to be proven that it is, in fact, used in an insecure way. Therefore, we will no longer show the PCRE 6.x vulnerability for MySQL.

Furthermore, apart from the Secure Browsing tab, the PSI only shows vulnerabilities that can be patched. Since there is no confirmed vulnerability, or patch, it will not be shown.

Rescanning now should no longer show the problem.

Hope this helps.
Was this reply relevant?
+0
-0
nvsoar RE: PCRE 6.x 6.4.2194.685 End of Life
Member 17th May, 2010 16:34
Score: 2
Posts: 6
User Since: 16th May 2010
System Score: N/A
Location: US
Thank you for your response, clarification and the Secunia PSI service.
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


Secunia is a member of FIRST Secunia is a member of EDUcause Secunia is a member of The Open Group Secunia is a member of FS-ISAC
 
Secunia © 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer
follow Secunia on Facebook follow Secunia on Twitter follow Secunia on LinkedIn follow Secunia on YouTube follow Secunia Xing follow Secunias RSS feed follow Secunia on Google+