Lucene search

[email protected]NVD:CVE-2013-1667

HistoryMar 14, 2013 - 3:13 a.m.

CVE-2013-1667

2013-03-1403:13:36

CWE-399

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.018

Percentile

88.4%

JSON

The rehash mechanism in Perl 5.8.2 through 5.16.x allows context-dependent attackers to cause a denial of service (memory consumption and crash) via a crafted hash key.

Affected configurations

NVD

Node

perlperlMatch5.8.2

perlperlMatch5.8.3

perlperlMatch5.8.4

perlperlMatch5.8.5

perlperlMatch5.8.6

perlperlMatch5.8.7

perlperlMatch5.8.8

perlperlMatch5.8.9

perlperlMatch5.8.10

perlperlMatch5.10

perlperlMatch5.10.0

perlperlMatch5.10.0rc1

perlperlMatch5.10.0rc2

perlperlMatch5.10.1

perlperlMatch5.10.1rc1

perlperlMatch5.10.1rc2

perlperlMatch5.11.0

perlperlMatch5.11.1

perlperlMatch5.11.2

perlperlMatch5.11.3

perlperlMatch5.11.4

perlperlMatch5.11.5

perlperlMatch5.12.0

perlperlMatch5.12.0rc0

perlperlMatch5.12.0rc1

perlperlMatch5.12.0rc2

perlperlMatch5.12.0rc3

perlperlMatch5.12.0rc4

perlperlMatch5.12.0rc5

perlperlMatch5.12.1

perlperlMatch5.12.1rc1

perlperlMatch5.12.1rc2

perlperlMatch5.12.2

perlperlMatch5.12.2rc1

perlperlMatch5.12.3

perlperlMatch5.12.3rc1

perlperlMatch5.12.3rc2

perlperlMatch5.12.3rc3

perlperlMatch5.12.4

perlperlMatch5.13.0

perlperlMatch5.13.1

perlperlMatch5.13.2

perlperlMatch5.13.3

perlperlMatch5.13.4

perlperlMatch5.13.5

perlperlMatch5.13.6

perlperlMatch5.13.7

perlperlMatch5.13.8

perlperlMatch5.13.9

perlperlMatch5.13.10

perlperlMatch5.13.11

perlperlMatch5.14.0

perlperlMatch5.14.0rc1

perlperlMatch5.14.0rc2

perlperlMatch5.14.0rc3

perlperlMatch5.14.1

perlperlMatch5.14.2

perlperlMatch5.14.3

perlperlMatch5.16.0

perlperlMatch5.16.1

perlperlMatch5.16.2

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=702296

kb.juniper.net/InfoCenter/index?page=content&id=JSA10705

kb.juniper.net/InfoCenter/index?page=content&id=JSA10735

lists.apple.com/archives/security-announce/2013/Oct/msg00004.html

marc.info/?l=bugtraq&m=137891988921058&w=2

osvdb.org/90892

perl5.git.perl.org/perl.git/commitdiff/6e79fe5

perl5.git.perl.org/perl.git/commitdiff/9d83adc

perl5.git.perl.org/perl.git/commitdiff/d59e31f

rhn.redhat.com/errata/RHSA-2013-0685.html

secunia.com/advisories/52472

secunia.com/advisories/52499

www.debian.org/security/2013/dsa-2641

www.mandriva.com/security/advisories?name=MDVSA-2013:113

www.nntp.perl.org/group/perl.perl5.porters/2013/03/msg199755.html

www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

www.securityfocus.com/bid/58311

www.ubuntu.com/usn/USN-1770-1

bugzilla.redhat.com/show_bug.cgi?id=912276

exchange.xforce.ibmcloud.com/vulnerabilities/82598

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18771

wiki.mageia.org/en/Support/Advisories/MGASA-2013-0094

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.018

Percentile

88.4%

JSON

Related for NVD:CVE-2013-1667

openvas28 debiancve1 nessus23 cvelist1 freebsd1 securityvulns3 cve1 altlinux1 osv1 debian2 ubuntu1 slackware1 ubuntucve1 prion1 fedora2 aix1 suse4 veracode3 f52 oraclelinux1 gentoo1 centos1 redhat2 amazon1