jetlib.sec » Packet Storm Security Advisories » Mandriva Linux Security Advisory 2012-019

Feeds

133205 items (1 unread) in 27 feeds

• 1337day (was: Inj3ct0r, 1337db)
• OSVDB Vulnerabilities
• Exploit-DB
• SecurityFocus Vulnerabilities (1 unread)
• Bugtraq
• Full Disclosure
• XSSed
• Packet Storm Security Headlines
• Packet Storm Security Advisories
• Packet Storm Security Exploits
• Packet Storm Security Recent Files
• Packet Storm Security Tools
• Packet Storm Security Misc. Files
• Sophos security news
• Sophos product advisories
• Penetration Testing
• SecuriTeam
• BackTrack Linux Forums
• Threatpost
• SecDocs
• carnal0wnage.attackresearch.com
• Carnal0wnage
• Kernel Fun
• Darknet
• The Exploitant
• Hack a Day
• Wirevolution

Packet Storm Security Advisories

• February 14, 2012
• 

  Mandriva Linux Security Advisory 2012-019

  Posted: February 14th, 2012, 4:06pm PST

  Tags:  mandriva hash linux mandriva-linux hash-values hash-table  

  Mandriva Linux Security Advisory 2012-019 - tables/apr_hash.c in the Apache Portable Runtime library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service via crafted input to an application that maintains a hash table. APR has been upgraded to the latest version which holds many improvements over the previous versions and is not vulnerable to this issue.