what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

CVE-2013-1667

Status Candidate

Overview

The rehash mechanism in Perl 5.8.2 through 5.16.x allows context-dependent attackers to cause a denial of service (memory consumption and crash) via a crafted hash key.

Related Files

EMC VPLEX GeoSynchrony 5.2.1 Traversal / Session Timeout
Posted Mar 27, 2014
Site emc.com

EMC VPLEX GeoSynchrony versions 4.0 through 5.2.1 suffer from path traversal, timeout validity, session fixation, and various other vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2002-2443, CVE-2011-1044, CVE-2011-3389, CVE-2011-4110, CVE-2012-0814, CVE-2012-2136, CVE-2012-5166, CVE-2013-1667, CVE-2014-0632, CVE-2014-0633, CVE-2014-0634, CVE-2014-0635
SHA-256 | 865ebcefce882874598ff43ecc2a95087b307183385a9a725bb5ad0baf892e95
Gentoo Linux Security Advisory 201401-11
Posted Jan 20, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201401-11 - Multiple vulnerabilities have been found in Perl and Locale::Maketext Perl module, the worst of which could allow a context-dependent attacker to execute arbitrary code. Versions less than 5.16.3 are affected.

tags | advisory, arbitrary, perl, vulnerability
systems | linux, gentoo
advisories | CVE-2011-2728, CVE-2011-2939, CVE-2012-5195, CVE-2013-1667
SHA-256 | 92d8d5759a27b001185c6521fec4e8b39a433512603eecfa0564f8a319809a00
HP Security Bulletin HPSBUX02928 SSRT101274
Posted Sep 11, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02928 SSRT101274 - A potential security vulnerability has been identified with HP-UX perl. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, perl
systems | hpux
advisories | CVE-2013-1667
SHA-256 | 73b1f8d39bc87d53488b09c086a43bc36c368ff93120f11dce1b504cdf8ad715
Mandriva Linux Security Advisory 2013-113
Posted Apr 11, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-113 - It was discovered that Perl's 'x' string repeat operator is vulnerable to a heap-based buffer overflow. An attacker could use this to execute arbitrary code. Various other issues were also addressed.

tags | advisory, overflow, arbitrary, perl
systems | linux, mandriva
advisories | CVE-2012-5195, CVE-2012-6329, CVE-2013-1667
SHA-256 | d121a52e5d21e1a1d884bfa0b4351192f0257e3310ec24006cce477233f1c93a
Red Hat Security Advisory 2013-0685-01
Posted Mar 26, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0685-01 - Perl is a high-level programming language commonly used for system administration utilities and web programming. A heap overflow flaw was found in Perl. If a Perl application allowed user input to control the count argument of the string repeat operator, an attacker could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. A denial of service flaw was found in the way Perl's rehashing code implementation, responsible for recalculation of hash keys and redistribution of hash content, handled certain input. If an attacker supplied specially-crafted input to be used as hash keys by a Perl application, it could cause excessive memory consumption.

tags | advisory, web, denial of service, overflow, arbitrary, perl
systems | linux, redhat
advisories | CVE-2012-5195, CVE-2012-5526, CVE-2012-6329, CVE-2013-1667
SHA-256 | ac3fdd7299785f237b23d812f30be939d6a7f1979b5d7e5891f630a611337ac3
Debian Security Advisory 2641-2
Posted Mar 21, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2641-2 - The security fix applied to the perl package due to CVE-2013-1667 introduced a test failure in libapache2-mod-perl2 source package specific to the rehash mechanism in Perl.

tags | advisory, perl
systems | linux, debian
advisories | CVE-2013-1667
SHA-256 | 9110a5cd25bf6b009461ac1ef7158b28b213084bd41e72df243bc8995f0f12c0
Ubuntu Security Notice USN-1770-1
Posted Mar 20, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1770-1 - Yves Orton discovered that Perl incorrectly handled hashing when using user-provided hash keys. An attacker could use this flaw to perform a denial of service attack against software written in Perl.

tags | advisory, denial of service, perl
systems | linux, ubuntu
advisories | CVE-2013-1667
SHA-256 | 160400c43f751227a821754c592c2c0991ab85529006ea92b840a9c891041806
Slackware Security Advisory - perl Updates
Posted Mar 15, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New perl packages are available for Slackware 13.1, 13.37, 14.0, and -current to fix a security issue. Related CVE Numbers: CVE-2013-1667.

tags | advisory, perl
systems | linux, slackware
advisories | CVE-2013-1667
SHA-256 | 61afc6e373cc8a2593e5f9cf519ab0b62c9ed5882774a848c94de205325acb57
Debian Security Advisory 2641-1
Posted Mar 9, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2641-1 - Yves Orton discovered a flaw in the rehashing code of Perl. This flaw could be exploited to carry out a denial of service attack against code that uses arbitrary user input as hash keys. Specifically an attacker could create a set of keys of a hash causing a denial of service via memory exhaustion.

tags | advisory, denial of service, arbitrary, perl
systems | linux, debian
advisories | CVE-2013-1667
SHA-256 | ef0581bda2d7d39d4ac6b0e3f50de6b4185b95f6484441e99e710f8202e9a548
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close