SUSE CVE-2012-5372

Rubinius computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted input to an application that maintains a hash table, as demonstrated by a universal...

Fedora: Security Advisory for rubygem-puma (FEDORA-2020-fe354f24e8)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Metasploit Wrapup

Metasploit Hackathon We were happy to host the very first Metasploit framework open source hackathon this past week in the Rapid7 Austin. Eight Metasploit hackers from outside of Rapid7 joined forces with the in-house team and worked on a lot of great projects, small and large. @bcook started the...

[oCERT-2012-001] multiple implementations denial-of-service via MurmurHash algorithm collision

2012-001 multiple implementations denial-of-service via MurmurHash algorithm collision Description: A variety of programming languages suffer from a denial-of-service DoS condition against storage functions of key/value pairs in hash data structures, the condition can be leveraged by exploiting...

CVE-2012-5372

Rubinius computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted input to an application that maintains a hash table, as demonstrated by a universal...

Design/Logic Flaw

Rubinius computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted input to an application that maintains a hash table, as demonstrated by a universal...

CVE-2012-5372

The vulnerability CVE-2012-5372 affects Rubinius’ MurmurHash3 implementation. The hash function does not adequately restrict the ability to trigger hash collisions, enabling context-dependent attackers to cause high CPU usage and DoS by sending crafted input to an application that uses a hash tab...

CVE-2012-5372

Rubinius computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted input to an application that maintains a hash table, as demonstrated by a universal...

Rubinius MurmurHash3 Implementation Hash Collision Remote DoS

Rubinius contains a flaw related to the MurmurHash3 implementation that may allow a remote denial of service. The issue is triggered when hash values are computed without having the ability to cause hash collisions restricted. When sending specially crafted input to an application maintaining a...

FreeBSD : Multiple implementations -- DoS via hash algorithm collision (91be81e7-3fea-11e1-afc7-2c4138874f7d)

oCERT reports : A variety of programming languages suffer from a denial-of-service DoS condition against storage functions of key/value pairs in hash data structures, the condition can be leveraged by exploiting predictable collisions in the underlying hashing algorithms. The issue finds particul...

[oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collision

2011-003 multiple implementations denial-of-service via hash algorithm collision Description: A variety of programming languages suffer from a denial-of-service DoS condition against storage functions of key/value pairs in hash data structures, the condition can be leveraged by exploiting...

Rubinius Web表单哈希冲突拒绝服务漏洞

BUGTRAQ ID: 51196 Rubinius是一个运行Ruby程序的虚拟机，其带有Ruby的核心库。 Rubinius在哈希表单张贴和更新哈希表单时，哈希生成函数中存在错误，通过在HTTP POST请求中发送特制的表单，攻击者可利用此漏洞造成哈希冲突，导致较高的CPU消耗。 0 rubini 1.x 厂商补丁： rubini ------ 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://rubini.us/...

Multiple implementations -- DoS via hash algorithm collision

oCERT reports: A variety of programming languages suffer from a denial-of-service DoS condition against storage functions of key/value pairs in hash data structures, the condition can be leveraged by exploiting predictable collisions in the underlying hashing algorithms. The issue finds particula...