Lucene search

313 matches found

Amazon
added 2012/07/05 12:0 a.m. · 37 views

Low: python26

Issue Overview: A denial of service flaw was found in the implementation of associative arrays (dictionaries) in Python. An attacker able to supply a large number of inputs to a Python application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting da...

CVSS 5 · AI score 8.2 · EPSS 0.02773
Exploits 7 · References 1

OpenVAS
added 2012/06/22 12:0 a.m. · 40 views

Mandriva Update for python MDVSA-2012:097 (python)

Check for the Version of python OpenVAS Vulnerability Test Mandriva Update for python MDVSA-2012:097 python Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

CVSS 5 · AI score 8 · EPSS 0.03832
Exploits 10 · References 2

OpenVAS
added 2012/06/19 12:0 a.m. · 43 views

RedHat Update for python RHSA-2012:0744-01

Check for the Version of python OpenVAS Vulnerability Test RedHat Update for python RHSA-2012:0744-01 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

CVSS 5 · AI score 8.3 · EPSS 0.02773
Exploits 7 · References 2

Cent OS
added 2012/06/18 1:11 p.m. · 69 views

python, tkinter security update

CentOS Errata and Security Advisory CESA-2012:0745 Updated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base...

CVSS 5 · AI score 6.7 · EPSS 0.01741
Exploits 5 · References 7

Cent OS
added 2012/06/13 5:7 p.m. · 301 views

expat security update

CentOS Errata and Security Advisory CESA-2012:0731 Updated expat packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base...

CVSS 5 · AI score 6.7 · EPSS 0.00973
Exploits 0 · References 7

ThreatPost
added 2012/05/23 4:13 a.m. · 7 views

Anatomy of a LulzSec Attack 'Singles Out' Web 2.0 Weakness

A new report analyzing a recent attack on a military dating site underscores the need for stronger safeguards on social networks. As part of its Hacker Intelligence Initiative, database and application security provider Imperva deconstructed a March attack by the hacker collective LulzSec on...

AI score 0.6
Exploits 0 · References 1

Tenable Nessus
added 2012/05/16 12:0 a.m. · 29 views

Fedora 15 : expat-2.1.0-1.fc15 (2012-6996)

This update includes expat 2.1.0, which includes a fix for a security issue. A specially crafted set of keys could trigger hash function collisions, which degrade dictionary performance by changing hash table operations complexity from an expected/average O(1) to the worst case O(n). Reporters...

CVSS 4.3 · AI score 6.9 · EPSS 0.00166
Exploits 0 · References 2

Tenable Nessus
added 2012/05/01 12:0 a.m. · 34 views

Fedora 16 : expat-2.1.0-1.fc16 (2012-5058)

This update includes expat 2.1.0, which includes a fix for a security issue. A specially crafted set of keys could trigger hash function collisions, which degrade dictionary performance by changing hash table operations complexity from an expected/average O(1) to the worst case O(n). Reporters...

CVSS 4.3 · AI score 6.9 · EPSS 0.00166
Exploits 0 · References 3

Tenable Nessus
added 2012/04/12 12:0 a.m. · 33 views

Fedora 17 : expat-2.1.0-1.fc17 (2012-4936)

This update includes expat 2.1.0, which includes a fix for a security issue. A specially crafted set of keys could trigger hash function collisions, which degrade dictionary performance by changing hash table operations complexity from an expected/average O(1) to the worst case O(n). Reporters...

CVSS 4.3 · AI score 6.9 · EPSS 0.00166
Exploits 0 · References 2

securityvulns
added 2012/04/02 12:0 a.m. · 30 views

expat security vulnerability

Memory leaks, predictable hash function...

CVSS 5 · AI score 1.5 · EPSS 0.00973
Exploits 0 · References 1 · Affected Software 1

securityvulns
added 2012/02/24 12:0 a.m. · 42 views

libxmls library DoS

Predictable hash function collisions lead to resources exhaustion...

CVSS 5 · AI score 1.5 · EPSS 0.00449
Exploits 0 · References 1 · Affected Software 1

securityvulns
added 2012/02/14 12:0 a.m. · 28 views

apr / aws libraries DoS

resources consumption because of collisions in a hash function...

CVSS 5 · AI score 1.8 · EPSS 0.40186
Exploits 0 · References 1 · Affected Software 2

OSV
added 2012/02/10 7:55 p.m. · 1 views

DEBIAN-CVE-2012-0840

tables/apr_hash.c in the Apache Portable Runtime (APR) library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that...

CVSS 5 · AI score 6.8 · EPSS 0.40186
Exploits 0 · References 1

Tenable Nessus
added 2012/01/31 12:0 a.m. · 31 views

CentOS 6 : ruby (CESA-2012:0069)

Updated ruby packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 7.8 · AI score 7.3 · EPSS 0.01411
Exploits 2 · References 2

Cent OS
added 2012/01/30 8:27 p.m. · 89 views

ruby security update

CentOS Errata and Security Advisory CESA-2012:0069 Updated ruby packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score...

CVSS 7.8 · AI score 7 · EPSS 0.01411
Exploits 2 · References 7

Cent OS
added 2012/01/30 6:44 p.m. · 73 views

irb, ruby security update

CentOS Errata and Security Advisory CESA-2012:0070 Updated ruby packages that fix two security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base...

CVSS 7.8 · AI score 7.1 · EPSS 0.01411
Exploits 2 · References 7

UbuntuCve
added 2012/01/14 5:55 p.m. · 22 views

CVE-2012-0039

GLib 2.31.8 and earlier, when the g_str_hash function is used, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash...

CVSS 7.5 · AI score 7.2 · EPSS 0.00489
Exploits 0 · References 3

Vulnrichment
added 2012/01/14 5:0 p.m. · 6 views

CVE-2012-0039

GLib 2.31.8 and earlier, when the g_str_hash function is used, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash...

AI score 7.5 · EPSS 0.00489
Exploits 0 · References 4

Positive Technologies
added 2012/01/14 12:0 a.m. · 2 views

PT-2012-2257 · Gnome +1 · Glib +1

Name of the Vulnerable Software and Affected Versions: GLib versions 2.31.8 and earlier. Description: The issue allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table, because the g_str_hash function computes...

CVSS 7.5 · AI score 9.2 · EPSS 0.00489
Exploits 0 · References 15

ThreatPost
added 2012/01/05 12:59 p.m. · 8 views

New Version of OpenSSL Fixes Six Flaws

A new version of the OpenSSL package has been released, fixing six vulnerabilities, including a plaintext recovery attack on the DTLS implementation. There are two other cryptographic flaws fixed in OpenSSL 1.0.0f, and a few other less-serious problems. The most problematic of the vulnerabilities...

AI score 1.2
Exploits 0 · References 2