ID CVE-2013-1667
Summary The rehash mechanism in Perl 5.8.2 through 5.16.x allows context-dependent attackers to cause a denial of service (memory consumption and crash) via a crafted hash key.
References
Vulnerable Configurations
  • cpe:2.3:a:perl:perl:5.8.2:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.8.2:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.8.3:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.8.3:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.8.4:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.8.4:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.8.5:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.8.5:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.8.6:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.8.6:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.8.7:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.8.7:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.8.8:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.8.8:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.8.9:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.8.9:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.8.10:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.8.10:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.10:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.10:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.10.0:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.10.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.10.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.10.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.10.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.10.1:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.10.1:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.10.1:rc1:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.10.1:rc1:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.10.1:rc2:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.10.1:rc2:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.11.0:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.11.0:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.11.1:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.11.2:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.11.2:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.11.3:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.11.3:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.11.4:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.11.4:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.11.5:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.11.5:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.12.0:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.12.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.12.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.12.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.12.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.12.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.12.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.12.0:rc3:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.12.0:rc3:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.12.0:rc4:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.12.0:rc4:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.12.0:rc5:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.12.0:rc5:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.12.1:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.12.1:rc1:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.12.1:rc1:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.12.1:rc2:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.12.1:rc2:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.12.2:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.12.2:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.12.2:rc1:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.12.2:rc1:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.12.3:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.12.3:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.12.3:rc1:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.12.3:rc1:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.12.3:rc2:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.12.3:rc2:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.12.3:rc3:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.12.3:rc3:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.12.4:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.12.4:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.13.0:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.13.0:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.13.1:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.13.1:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.13.2:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.13.2:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.13.3:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.13.3:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.13.4:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.13.4:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.13.5:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.13.5:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.13.6:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.13.6:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.13.7:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.13.7:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.13.8:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.13.8:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.13.9:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.13.9:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.13.10:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.13.10:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.13.11:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.13.11:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.14.0:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.14.0:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.14.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.14.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.14.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.14.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.14.0:rc3:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.14.0:rc3:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.14.1:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.14.2:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.14.2:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.14.3:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.14.3:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.16.0:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.16.0:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.16.1:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.16.1:*:*:*:*:*:*:*
  • cpe:2.3:a:perl:perl:5.16.2:*:*:*:*:*:*:*
    cpe:2.3:a:perl:perl:5.16.2:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 19-09-2017 - 01:36)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
oval via4
accepted 2015-04-20T04:00:45.813-04:00
class vulnerability
contributors
  • name Ganesh Manal
    organization Hewlett-Packard
  • name Sushant Kumar Singh
    organization Hewlett-Packard
  • name Sushant Kumar Singh
    organization Hewlett-Packard
  • name Prashant Kumar
    organization Hewlett-Packard
  • name Mike Cokus
    organization The MITRE Corporation
description The rehash mechanism in Perl 5.8.2 through 5.16.x allows context-dependent attackers to cause a denial of service (memory consumption and crash) via a crafted hash key.
family unix
id oval:org.mitre.oval:def:18771
status accepted
submitted 2013-11-22T11:43:28.000-05:00
title HP-UX running perl, Remote Denial of Service (DoS)
version 47
redhat via4
advisories
bugzilla
id 912276
title CVE-2013-1667 perl: DoS in rehashing code
oval
OR
  • comment Red Hat Enterprise Linux must be installed
    oval oval:com.redhat.rhba:tst:20070304026
  • AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhba:tst:20070331005
    • OR
      • AND
        • comment perl is earlier than 4:5.8.8-40.el5_9
          oval oval:com.redhat.rhsa:tst:20130685001
        • comment perl is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070966007
      • AND
        • comment perl-suidperl is earlier than 4:5.8.8-40.el5_9
          oval oval:com.redhat.rhsa:tst:20130685003
        • comment perl-suidperl is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070966009
  • AND
    • comment Red Hat Enterprise Linux 6 is installed
      oval oval:com.redhat.rhba:tst:20111656003
    • OR
      • AND
        • comment perl is earlier than 4:5.10.1-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685006
        • comment perl is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558002
      • AND
        • comment perl-Archive-Extract is earlier than 1:0.38-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685008
        • comment perl-Archive-Extract is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558004
      • AND
        • comment perl-Archive-Tar is earlier than 0:1.58-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685010
        • comment perl-Archive-Tar is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558006
      • AND
        • comment perl-CGI is earlier than 0:3.51-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685012
        • comment perl-CGI is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558008
      • AND
        • comment perl-CPAN is earlier than 0:1.9402-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685014
        • comment perl-CPAN is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558010
      • AND
        • comment perl-CPANPLUS is earlier than 0:0.88-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685016
        • comment perl-CPANPLUS is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558012
      • AND
        • comment perl-Compress-Raw-Bzip2 is earlier than 0:2.020-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685018
        • comment perl-Compress-Raw-Bzip2 is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130685019
      • AND
        • comment perl-Compress-Raw-Zlib is earlier than 1:2.020-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685020
        • comment perl-Compress-Raw-Zlib is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558014
      • AND
        • comment perl-Compress-Zlib is earlier than 0:2.020-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685022
        • comment perl-Compress-Zlib is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558016
      • AND
        • comment perl-Digest-SHA is earlier than 1:5.47-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685024
        • comment perl-Digest-SHA is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558018
      • AND
        • comment perl-ExtUtils-CBuilder is earlier than 1:0.27-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685026
        • comment perl-ExtUtils-CBuilder is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558020
      • AND
        • comment perl-ExtUtils-Embed is earlier than 0:1.28-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685028
        • comment perl-ExtUtils-Embed is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558022
      • AND
        • comment perl-ExtUtils-MakeMaker is earlier than 0:6.55-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685030
        • comment perl-ExtUtils-MakeMaker is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558024
      • AND
        • comment perl-ExtUtils-ParseXS is earlier than 1:2.2003.0-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685032
        • comment perl-ExtUtils-ParseXS is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558026
      • AND
        • comment perl-File-Fetch is earlier than 0:0.26-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685034
        • comment perl-File-Fetch is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558028
      • AND
        • comment perl-IO-Compress-Base is earlier than 0:2.020-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685036
        • comment perl-IO-Compress-Base is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558030
      • AND
        • comment perl-IO-Compress-Bzip2 is earlier than 0:2.020-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685038
        • comment perl-IO-Compress-Bzip2 is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130685039
      • AND
        • comment perl-IO-Compress-Zlib is earlier than 0:2.020-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685040
        • comment perl-IO-Compress-Zlib is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558032
      • AND
        • comment perl-IO-Zlib is earlier than 1:1.09-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685042
        • comment perl-IO-Zlib is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558034
      • AND
        • comment perl-IPC-Cmd is earlier than 1:0.56-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685044
        • comment perl-IPC-Cmd is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558036
      • AND
        • comment perl-Locale-Maketext-Simple is earlier than 1:0.18-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685046
        • comment perl-Locale-Maketext-Simple is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558038
      • AND
        • comment perl-Log-Message is earlier than 1:0.02-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685048
        • comment perl-Log-Message is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558040
      • AND
        • comment perl-Log-Message-Simple is earlier than 0:0.04-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685050
        • comment perl-Log-Message-Simple is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558042
      • AND
        • comment perl-Module-Build is earlier than 1:0.3500-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685052
        • comment perl-Module-Build is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558044
      • AND
        • comment perl-Module-CoreList is earlier than 0:2.18-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685054
        • comment perl-Module-CoreList is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558046
      • AND
        • comment perl-Module-Load is earlier than 1:0.16-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685056
        • comment perl-Module-Load is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558048
      • AND
        • comment perl-Module-Load-Conditional is earlier than 0:0.30-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685058
        • comment perl-Module-Load-Conditional is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558050
      • AND
        • comment perl-Module-Loaded is earlier than 1:0.02-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685060
        • comment perl-Module-Loaded is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558052
      • AND
        • comment perl-Module-Pluggable is earlier than 1:3.90-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685062
        • comment perl-Module-Pluggable is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558054
      • AND
        • comment perl-Object-Accessor is earlier than 1:0.34-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685064
        • comment perl-Object-Accessor is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558056
      • AND
        • comment perl-Package-Constants is earlier than 1:0.02-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685066
        • comment perl-Package-Constants is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558058
      • AND
        • comment perl-Params-Check is earlier than 1:0.26-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685068
        • comment perl-Params-Check is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558060
      • AND
        • comment perl-Parse-CPAN-Meta is earlier than 1:1.40-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685070
        • comment perl-Parse-CPAN-Meta is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558062
      • AND
        • comment perl-Pod-Escapes is earlier than 1:1.04-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685072
        • comment perl-Pod-Escapes is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558064
      • AND
        • comment perl-Pod-Simple is earlier than 1:3.13-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685074
        • comment perl-Pod-Simple is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558066
      • AND
        • comment perl-Term-UI is earlier than 0:0.20-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685076
        • comment perl-Term-UI is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558068
      • AND
        • comment perl-Test-Harness is earlier than 0:3.17-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685078
        • comment perl-Test-Harness is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558070
      • AND
        • comment perl-Test-Simple is earlier than 0:0.92-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685080
        • comment perl-Test-Simple is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558072
      • AND
        • comment perl-Time-HiRes is earlier than 4:1.9721-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685082
        • comment perl-Time-HiRes is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558074
      • AND
        • comment perl-Time-Piece is earlier than 0:1.15-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685084
        • comment perl-Time-Piece is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558076
      • AND
        • comment perl-core is earlier than 0:5.10.1-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685086
        • comment perl-core is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558078
      • AND
        • comment perl-devel is earlier than 4:5.10.1-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685088
        • comment perl-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558080
      • AND
        • comment perl-libs is earlier than 4:5.10.1-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685090
        • comment perl-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558082
      • AND
        • comment perl-parent is earlier than 1:0.221-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685092
        • comment perl-parent is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558084
      • AND
        • comment perl-suidperl is earlier than 4:5.10.1-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685094
        • comment perl-suidperl is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558086
      • AND
        • comment perl-version is earlier than 3:0.77-130.el6_4
          oval oval:com.redhat.rhsa:tst:20130685096
        • comment perl-version is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110558088
rhsa
id RHSA-2013:0685
released 2013-03-26
severity Moderate
title RHSA-2013:0685: perl security update (Moderate)
rpms
  • perl-4:5.10.1-130.el6_4
  • perl-4:5.8.8-40.el5_9
  • perl-Archive-Extract-1:0.38-130.el6_4
  • perl-Archive-Tar-0:1.58-130.el6_4
  • perl-CGI-0:3.51-130.el6_4
  • perl-CPAN-0:1.9402-130.el6_4
  • perl-CPANPLUS-0:0.88-130.el6_4
  • perl-Compress-Raw-Bzip2-0:2.020-130.el6_4
  • perl-Compress-Raw-Zlib-1:2.020-130.el6_4
  • perl-Compress-Zlib-0:2.020-130.el6_4
  • perl-Digest-SHA-1:5.47-130.el6_4
  • perl-ExtUtils-CBuilder-1:0.27-130.el6_4
  • perl-ExtUtils-Embed-0:1.28-130.el6_4
  • perl-ExtUtils-MakeMaker-0:6.55-130.el6_4
  • perl-ExtUtils-ParseXS-1:2.2003.0-130.el6_4
  • perl-File-Fetch-0:0.26-130.el6_4
  • perl-IO-Compress-Base-0:2.020-130.el6_4
  • perl-IO-Compress-Bzip2-0:2.020-130.el6_4
  • perl-IO-Compress-Zlib-0:2.020-130.el6_4
  • perl-IO-Zlib-1:1.09-130.el6_4
  • perl-IPC-Cmd-1:0.56-130.el6_4
  • perl-Locale-Maketext-Simple-1:0.18-130.el6_4
  • perl-Log-Message-1:0.02-130.el6_4
  • perl-Log-Message-Simple-0:0.04-130.el6_4
  • perl-Module-Build-1:0.3500-130.el6_4
  • perl-Module-CoreList-0:2.18-130.el6_4
  • perl-Module-Load-1:0.16-130.el6_4
  • perl-Module-Load-Conditional-0:0.30-130.el6_4
  • perl-Module-Loaded-1:0.02-130.el6_4
  • perl-Module-Pluggable-1:3.90-130.el6_4
  • perl-Object-Accessor-1:0.34-130.el6_4
  • perl-Package-Constants-1:0.02-130.el6_4
  • perl-Params-Check-1:0.26-130.el6_4
  • perl-Parse-CPAN-Meta-1:1.40-130.el6_4
  • perl-Pod-Escapes-1:1.04-130.el6_4
  • perl-Pod-Simple-1:3.13-130.el6_4
  • perl-Term-UI-0:0.20-130.el6_4
  • perl-Test-Harness-0:3.17-130.el6_4
  • perl-Test-Simple-0:0.92-130.el6_4
  • perl-Time-HiRes-4:1.9721-130.el6_4
  • perl-Time-Piece-0:1.15-130.el6_4
  • perl-core-0:5.10.1-130.el6_4
  • perl-debuginfo-4:5.10.1-130.el6_4
  • perl-debuginfo-4:5.8.8-40.el5_9
  • perl-devel-4:5.10.1-130.el6_4
  • perl-libs-4:5.10.1-130.el6_4
  • perl-parent-1:0.221-130.el6_4
  • perl-suidperl-4:5.10.1-130.el6_4
  • perl-suidperl-4:5.8.8-40.el5_9
  • perl-version-3:0.77-130.el6_4
refmap via4
apple APPLE-SA-2013-10-22-3
bid 58311
confirm
debian DSA-2641
hp
  • HPSBUX02928
  • SSRT101274
mandriva MDVSA-2013:113
misc
mlist [perl.perl5.porters] 20130304 CVE-2013-1667: important rehashing flaw
osvdb 90892
secunia
  • 52472
  • 52499
ubuntu USN-1770-1
xf perl-rehash-dos(82598)
Last major update 19-09-2017 - 01:36
Published 14-03-2013 - 03:13
Last modified 19-09-2017 - 01:36
Back to Top