Vulnerability Description
The rehash mechanism in Perl 5.8.2 through 5.16.x allows context-dependent attackers to cause a denial of service (memory consumption and crash) via a crafted hash key.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Perl | Perl | 5.8.2 |
Related Weaknesses (CWE)
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702296
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735
- http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html
- http://marc.info/?l=bugtraq&m=137891988921058&w=2
- http://osvdb.org/90892
- http://perl5.git.perl.org/perl.git/commitdiff/6e79fe5
- http://perl5.git.perl.org/perl.git/commitdiff/9d83adc
- http://perl5.git.perl.org/perl.git/commitdiff/d59e31f
- http://rhn.redhat.com/errata/RHSA-2013-0685.html
- http://secunia.com/advisories/52472Vendor Advisory
- http://secunia.com/advisories/52499Vendor Advisory
- http://www.debian.org/security/2013/dsa-2641
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:113
- http://www.nntp.perl.org/group/perl.perl5.porters/2013/03/msg199755.html
FAQ
What is CVE-2013-1667?
CVE-2013-1667 is a vulnerability with a CVSS score of 7.5 (HIGH). The rehash mechanism in Perl 5.8.2 through 5.16.x allows context-dependent attackers to cause a denial of service (memory consumption and crash) via a crafted hash key.
How severe is CVE-2013-1667?
CVE-2013-1667 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-1667?
Check the references section above for vendor advisories and patch information. Affected products include: Perl Perl.