Lucene search
GoogleOSV:DSA-2641-1HistoryMar 20, 2013 - 12:00 a.m.
perl - rehashing flaw
2013-03-2000:00:00
Google
osv.dev
18
0.018 Low
EPSS
Percentile
88.4%
Yves Orton discovered a flaw in the rehashing code of Perl. This flaw
could be exploited to carry out a denial of service attack against code
that uses arbitrary user input as hash keys. Specifically an attacker
could create a set of keys of a hash causing a denial of service via
memory exhaustion.
For the stable distribution (squeeze), this problem has been fixed in
version 5.10.1-17squeeze6 of perl and version
2.0.4-7+squeeze1 of libapache2-mod-perl2.
For the testing distribution (wheezy), and the unstable distribution
(sid), this problem has been fixed in version 5.14.2-19
of perl and version 2.0.7-3 of libapache2-mod-perl2.
We recommend that you upgrade your perl and libapache2-mod-perl2 packages.
| CPE | Name | Operator | Version |
|---|---|---|---|
| perl | eq | 5.10.1-17squeeze4 | |
| perl | eq | 5.10.1-17squeeze5 | |
| perl | eq | 5.10.1-17squeeze3 | |
| perl | eq | 5.10.1-17squeeze2 | |
| perl | eq | 5.10.1-17squeeze1 | |
| perl | eq | 5.10.1-17 |
References
Related
freebsd
freebsd
openvas
openvas
Ubuntu: Security Advisory (USN-1770-1)
2013-03-22 00:00:00
Debian: Security Advisory (DSA-2641-1)
2013-03-19 00:00:00
Ubuntu Update for perl USN-1770-1
2013-03-22 00:00:00
securityvulns
securityvulns
Perl memory leakage
2013-03-10 00:00:00
[SECURITY] [DSA 2641-1] perl security update
2013-03-10 00:00:00
ESA-2014-016: EMC VPLEX Multiple Vulnerabilities
2014-03-31 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 7 package perl version 1:5.16.3-alt1
2013-03-12 00:00:00
cve
cve
CVE-2013-1667
2013-03-14 03:13:36
nessus
nessus
ubuntu
ubuntu
Perl vulnerability
2013-03-19 00:00:00
nvd
nvd
CVE-2013-1667
2013-03-14 03:13:36
debian
debian
[SECURITY] [DSA 2641-1] perl security update
2013-03-09 14:56:39
[SECURITY] [DSA 2641-2] libapache2-mod-perl2 update related to DSA 2641-1
2013-03-20 19:11:51
debiancve
debiancve
CVE-2013-1667
2013-03-14 03:13:36
cvelist
cvelist
CVE-2013-1667
2013-03-12 16:00:00
slackware
slackware
perl
2013-03-13 22:55:01
prion
prion
Code injection
2013-03-14 03:13:00
ubuntucve
ubuntucve
CVE-2013-1667
2013-03-04 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: perl-5.14.4-224.fc17
2013-04-03 04:55:43
[SECURITY] Fedora 18 Update: perl-5.16.2-240.fc18
2013-03-22 00:48:54
aix
aix
suse
suse
update for perl (important)
2013-03-20 14:04:22
update for perl (important)
2013-03-20 11:05:11
Security update for Perl (important)
2013-03-13 00:05:35
veracode
veracode
Memory Corruption
2019-05-02 04:54:30
HTTP Header Injection
2019-05-02 04:54:30
Privilege Escalation
2019-05-02 04:54:30
redhat
redhat
(RHSA-2013:0685) Moderate: perl security update
2013-03-26 00:00:00
(RHSA-2013:0746) Important: rhev-hypervisor6 security and bug fix update
2013-04-23 00:00:00
amazon
amazon
Medium: perl
2013-04-04 11:10:00
f5
f5
centos
centos
perl security update
2013-03-26 21:05:02
oraclelinux
oraclelinux
perl security update
2013-03-26 00:00:00
gentoo
gentoo
Perl, Locale Maketext Perl module: Multiple vulnerabilities
2014-01-19 00:00:00