PT-2013-1367 · Perl+6 · Convert::Asn1+6

Dana

Publicado

2013-10-09

Atualizado

2024-08-20

CVE-2013-7488

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions perl-Convert-ASN1 versions 0.27 and earlier

Description The issue is related to the Convert::ASN1 module for Perl, which can lead to an infinite loop when encountering unexpected input. This can be exploited by a remote attacker to cause a denial of service.

Recommendations For versions 0.27 and earlier, update to a version later than 0.27 to resolve the issue. As a temporary workaround, consider restricting input to prevent unexpected data from being processed by the Convert::ASN1 module until a patch is available.

Exploit

Correção

Infinite Loop

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-835

Identificadores relacionados

ALSA-2024:3049

BDU:2023-01647

CESA-2024_3049

CVE-2013-7488

INFSA-2024_3049

MGASA-2021-0363

OPENSUSE-SU-2024:11159-1

RHSA-2024:3049

RHSA-2024_3049

RLSA-2024:3049

SUSE-SU-2021:0172-1

SUSE-SU-2021:0183-1

SUSE-SU-2021_0172-1

SUSE-SU-2021_0183-1

Produtos afetados

Almalinux

Astra Linux

Centos

Convert::Asn1

Red Hat

Rocky Linux

Suse

PT-2013-1367 · Perl+6 · Convert::Asn1+6

CVE-2013-7488

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 49