Fedora 17 : expat-2.1.0-1.fc17 (2012-4936)

This update includes expat 2.1.0, which fixes includes a fix for a security issue. A specially crafted set of keys could trigger hash function collisions, which degrade dictionary performance by changing hash table operations complexity from an expected/average O1 to the worst case On. Reporters...

expat security vulnerability

Memory leaks, predictable hash function...

libxmls library DoS

Predictable hash function collisions lead to resources exhaustion...

apr / aws libraries DoS

resources consumption because of collisions in a hash function...

DEBIAN-CVE-2012-0840

tables/aprhash.c in the Apache Portable Runtime APR library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted input to an application that...

CentOS 6 : ruby (CESA-2012:0069)

Updated ruby packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

ruby security update

CentOS Errata and Security Advisory CESA-2012:0069 Updated ruby packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score...

irb, ruby security update

CentOS Errata and Security Advisory CESA-2012:0070 Updated ruby packages that fix two security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base...

CVE-2012-0039

GLib 2.31.8 and earlier, when the gstrhash function is used, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted input to an application that maintains a hash...

CVE-2012-0039

GLib 2.31.8 and earlier, when the gstrhash function is used, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted input to an application that maintains a hash...

PT-2012-2257 · Gnome +1 · Glib +1

Name of the Vulnerable Software and Affected Versions: GLib versions 2.31.8 and earlier Description: The issue allows context-dependent attackers to cause a denial of service CPU consumption via crafted input to an application that maintains a hash table, because the g str hash function computes...

New Version of OpenSSL Fixes Six Flaws

A new version of the OpenSSL package has been released, fixing six vulnerabilities, including a plaintext recovery attack on the DTLS implementation. There are two other cryptographic flaws fixed in OpenSSL 1.0.0f, and a few other less-serious problems. The most problematic of the vulnerabilities...

n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table

n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2011.004 28-Dec-2011 Vendors: PHP, http://www.php.net Oracle, http://www.oracle.com Microsoft, http://www.microsoft.com Python, http://www.python.org Ruby, http://www.ruby.org Google, http://www.google.com Affected Products: PHP 4 and ...

PlayStation Network Security Update !

On Tuesday, April 26 Sony shared that some information that was compromised in connection with an illegal and unauthorized intrusion into our network. Once again, Sony'd like to apologize to the many users who were inconvenienced and worried about this situation. Sony want to state this again giv...

NIST Announces SHA-3 Hash Function Finalists

The National Institute of Standards and Technology has chosen the five finalists for the last round of its competition to find the next hash function standard. The SHA-3 finalists include Skein, developed by a group including Bruce Schneier and Jon Callas. The other four SHA-3 finalists are BLAKE...

FreeBSD Security Advisory (FreeBSD-SA-10:05.opie.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-10:05.opie.asc SPDX-FileCopyrightText: 2010 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

RSA 2010: Experts Expect Several Ciphers to Be Cracked Soon

Cryptographers are expecting several of the major cryptographic systems in use today to be broken in the near future. In the Cryptographers Panel session at the RSA Conference Tuesday, Adi Shamir said that he is working with a team of researchers who have put together a paper that describes an...

FreeBSD Security Advisory (FreeBSD-SA-06:12.opie.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-06:12.opie.asc ADV FreeBSD-SA-06:12.opie.asc OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft In...

FreeBSD Security Advisory (FreeBSD-SA-06:12.opie.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-06:12.opie.asc SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

MOODLE <= 1.5.2 user password read out

--/ INTRODUCTION -- / Advisory : MOODLE = 1.5.2 user password read out Release Date : 17. March 2007 Application : Moodle.org is a course management system CMS : to help educators create effective online learning communities. Impact : read out user account passwords in md5 hash Googledork :...