Strawberry Perl Denial Of Service Vulnerability (Windows) Network Vulnerability

Summary

The host is installed with Strawberry Perl and is prone to denial of service vulnerability.

Impact

Successful exploitation will allow attackers to cause denial of service (memory consumption) via specially-crafted hash key. Impact Level: Application

Solution

Upgrade to Strawberry Perl version 5.16.3 or 5.14.4 or later, For updates refer to http://strawberryperl.com

Insight

Flaw is due to an error when rehashing user-supplied input.

Affected

Strawberry Perl versions 5.8.2 before 5.14.4 and 5.15 before 5.16.3 on Windows

References

http://osvdb.org/90892
http://perlnews.org/2013/03/perl-5-16-3-and-5-14-4-just-released
http://perlnews.org/2013/03/rehashing-flaw
http://secunia.com/advisories/52472
http://www.nntp.perl.org/group/perl.perl5.porters/2013/03/msg199755.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-1667
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Firefox XSL Parsing Vulnerability (Win)
Google Chrome Multiple Denial of Service Vulnerabilities - January12 (Linux)
Apple QuickTime Multiple Vulnerabilities - Jun09
ActFax LPD/LPR Server Denial of Service Vulnerability
Freeciv Multiple Remote Denial Of Service Vulnerabilities

Strawberry Perl Denial of Service Vulnerability (Windows)

Take action and discover your vulnerabilities