// For flags

CVE-2013-1667

perl: DoS in rehashing code

Severity Score

10.0
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The rehash mechanism in Perl 5.8.2 through 5.16.x allows context-dependent attackers to cause a denial of service (memory consumption and crash) via a crafted hash key.

El mecanismo de rehash en Perl v5.8.2 a través v5.16.x permite a atacantes dependientes de contexto provocar una denegación de servicio (consumo de memoria y caída) mediante una tecla de almohadilla diseñada.

Perl is a high-level programming language commonly used for system administration utilities and web programming. A heap overflow flaw was found in Perl. If a Perl application allowed user input to control the count argument of the string repeat operator, an attacker could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. A denial of service flaw was found in the way Perl's rehashing code implementation, responsible for recalculation of hash keys and redistribution of hash content, handled certain input. If an attacker supplied specially-crafted input to be used as hash keys by a Perl application, it could cause excessive memory consumption.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2013-02-13 CVE Reserved
  • 2013-03-09 CVE Published
  • 2024-08-06 CVE Updated
  • 2025-05-27 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-399: Resource Management Errors
CAPEC
References (23)
URL Tag Source
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702296 X_refsource_misc
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 X_refsource_confirm
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735 X_refsource_confirm
http://osvdb.org/90892 Vdb Entry
http://perl5.git.perl.org/perl.git/commitdiff/6e79fe5 X_refsource_confirm
http://perl5.git.perl.org/perl.git/commitdiff/9d83adc X_refsource_confirm
http://perl5.git.perl.org/perl.git/commitdiff/d59e31f X_refsource_confirm
http://www.nntp.perl.org/group/perl.perl5.porters/2013/03/msg199755.html Mailing List
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html X_refsource_confirm
http://www.securityfocus.com/bid/58311 Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/82598 Vdb Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18771 Signature
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0094 X_refsource_confirm
URL Date SRC
URL Date SRC
URL Date SRC
http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html 2017-09-19
http://marc.info/?l=bugtraq&m=137891988921058&w=2 2017-09-19
http://rhn.redhat.com/errata/RHSA-2013-0685.html 2017-09-19
http://secunia.com/advisories/52472 2017-09-19
http://secunia.com/advisories/52499 2017-09-19
http://www.debian.org/security/2013/dsa-2641 2017-09-19
http://www.mandriva.com/security/advisories?name=MDVSA-2013:113 2017-09-19
http://www.ubuntu.com/usn/USN-1770-1 2017-09-19
https://bugzilla.redhat.com/show_bug.cgi?id=912276 2013-03-26
https://access.redhat.com/security/cve/CVE-2013-1667 2013-03-26
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.8.2
Search vendor "Perl" for product "Perl" and version "5.8.2"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.8.3
Search vendor "Perl" for product "Perl" and version "5.8.3"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.8.4
Search vendor "Perl" for product "Perl" and version "5.8.4"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.8.5
Search vendor "Perl" for product "Perl" and version "5.8.5"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.8.6
Search vendor "Perl" for product "Perl" and version "5.8.6"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.8.7
Search vendor "Perl" for product "Perl" and version "5.8.7"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.8.8
Search vendor "Perl" for product "Perl" and version "5.8.8"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.8.9
Search vendor "Perl" for product "Perl" and version "5.8.9"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.8.10
Search vendor "Perl" for product "Perl" and version "5.8.10"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.10
Search vendor "Perl" for product "Perl" and version "5.10"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.10.0
Search vendor "Perl" for product "Perl" and version "5.10.0"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.10.0
Search vendor "Perl" for product "Perl" and version "5.10.0"
rc1
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.10.0
Search vendor "Perl" for product "Perl" and version "5.10.0"
rc2
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.10.1
Search vendor "Perl" for product "Perl" and version "5.10.1"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.10.1
Search vendor "Perl" for product "Perl" and version "5.10.1"
rc1
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.10.1
Search vendor "Perl" for product "Perl" and version "5.10.1"
rc2
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.11.0
Search vendor "Perl" for product "Perl" and version "5.11.0"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.11.1
Search vendor "Perl" for product "Perl" and version "5.11.1"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.11.2
Search vendor "Perl" for product "Perl" and version "5.11.2"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.11.3
Search vendor "Perl" for product "Perl" and version "5.11.3"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.11.4
Search vendor "Perl" for product "Perl" and version "5.11.4"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.11.5
Search vendor "Perl" for product "Perl" and version "5.11.5"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.12.0
Search vendor "Perl" for product "Perl" and version "5.12.0"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.12.0
Search vendor "Perl" for product "Perl" and version "5.12.0"
rc0
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.12.0
Search vendor "Perl" for product "Perl" and version "5.12.0"
rc1
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.12.0
Search vendor "Perl" for product "Perl" and version "5.12.0"
rc2
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.12.0
Search vendor "Perl" for product "Perl" and version "5.12.0"
rc3
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.12.0
Search vendor "Perl" for product "Perl" and version "5.12.0"
rc4
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.12.0
Search vendor "Perl" for product "Perl" and version "5.12.0"
rc5
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.12.1
Search vendor "Perl" for product "Perl" and version "5.12.1"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.12.1
Search vendor "Perl" for product "Perl" and version "5.12.1"
rc1
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.12.1
Search vendor "Perl" for product "Perl" and version "5.12.1"
rc2
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.12.2
Search vendor "Perl" for product "Perl" and version "5.12.2"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.12.2
Search vendor "Perl" for product "Perl" and version "5.12.2"
rc1
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.12.3
Search vendor "Perl" for product "Perl" and version "5.12.3"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.12.3
Search vendor "Perl" for product "Perl" and version "5.12.3"
rc1
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.12.3
Search vendor "Perl" for product "Perl" and version "5.12.3"
rc2
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.12.3
Search vendor "Perl" for product "Perl" and version "5.12.3"
rc3
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.12.4
Search vendor "Perl" for product "Perl" and version "5.12.4"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.13.0
Search vendor "Perl" for product "Perl" and version "5.13.0"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.13.1
Search vendor "Perl" for product "Perl" and version "5.13.1"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.13.2
Search vendor "Perl" for product "Perl" and version "5.13.2"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.13.3
Search vendor "Perl" for product "Perl" and version "5.13.3"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.13.4
Search vendor "Perl" for product "Perl" and version "5.13.4"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.13.5
Search vendor "Perl" for product "Perl" and version "5.13.5"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.13.6
Search vendor "Perl" for product "Perl" and version "5.13.6"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.13.7
Search vendor "Perl" for product "Perl" and version "5.13.7"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.13.8
Search vendor "Perl" for product "Perl" and version "5.13.8"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.13.9
Search vendor "Perl" for product "Perl" and version "5.13.9"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.13.10
Search vendor "Perl" for product "Perl" and version "5.13.10"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.13.11
Search vendor "Perl" for product "Perl" and version "5.13.11"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.14.0
Search vendor "Perl" for product "Perl" and version "5.14.0"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.14.0
Search vendor "Perl" for product "Perl" and version "5.14.0"
rc1
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.14.0
Search vendor "Perl" for product "Perl" and version "5.14.0"
rc2
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.14.0
Search vendor "Perl" for product "Perl" and version "5.14.0"
rc3
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.14.1
Search vendor "Perl" for product "Perl" and version "5.14.1"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.14.2
Search vendor "Perl" for product "Perl" and version "5.14.2"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.14.3
Search vendor "Perl" for product "Perl" and version "5.14.3"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.16.0
Search vendor "Perl" for product "Perl" and version "5.16.0"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.16.1
Search vendor "Perl" for product "Perl" and version "5.16.1"
-
Affected
Perl
Search vendor "Perl"
 Perl
Search vendor "Perl" for product "Perl"
 5.16.2
Search vendor "Perl" for product "Perl" and version "5.16.2"
-
Affected