 |
with SecurityTracker! | |
|
|
with SecurityTracker! | |
| Home | View Topics | Search | |
|
|
| Category: Application (Generic) > Perl | Vendors: Wall, Larry |
|
Perl Bug in Rehash Mechanism Lets Remote Users Deny Service
| ||||||||
| SecurityTracker Alert ID: 1028346 | ||||||||
| SecurityTracker URL: https://securitytracker.com/id/1028346 | ||||||||
| CVE Reference: CVE-2013-1667 (Links to External Site) | ||||||||
|
Date: Mar 26 2013
| ||||||||
|
Impact:
Denial of service via network | ||||||||
|
Fix Available: Yes Vendor Confirmed: Yes | ||||||||
|
Version(s): 5.8.2 to 5.16.x | ||||||||
|
Description:
A vulnerability was reported in Perl. A remote user can cause denial of service conditions. A remote user can send specially crafted data to cause the target Perl application to consume excessive memory and crash. Applications that provide arbitrary user-supplied data as input to hash keys are affected. Yves Orton reported this vulnerability. | ||||||||
|
Impact:
A remote user can cause the target Perl application to consume excessive memory and crash. | ||||||||
|
Solution:
The vendor has issued a source code fix, available at: http://perl5.git.perl.org/perl.git/commitdiff/6e79fe5 http://perl5.git.perl.org/perl.git/commitdiff/9d83adc http://perl5.git.perl.org/perl.git/commitdiff/d59e31f The fix will be included in the future versions 5.14.4, 5.16.3, and 5.18. | ||||||||
|
Vendor URL: perl.org/ (Links to External Site)
| ||||||||
|
Cause:
State error | ||||||||
| Underlying OS: Linux (Any), UNIX (Any), Windows (Any) | ||||||||
|
| ||||||||
Message History:
This archive entry has one or more follow-up message(s) listed below.
| ||||||||
Source Message Contents | ||||||||
| ||||||||