Published: 17/01/2003 Updated: 18/10/2016

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Memory leak in libmcrypt prior to 2.5.5 allows malicious users to cause a denial of service (memory exhaustion) via a large number of requests to the application, which causes libmcrypt to dynamically load algorithms via libtool.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mcrypt libmcrypt 2.5.3
mcrypt libmcrypt 2.5_.0
mcrypt libmcrypt 2.5.1_r4
mcrypt libmcrypt 2.5.2

Ilia Alshanetsky discovered several buffer overflows in libmcrypt, a decryption and encryption library, that originates from improper or lacking input validation By passing input which is longer than expected to a number of functions (multiple functions are affected) the user can successfully make libmcrypt crash and may be able to insert arbitrar ...

NVD-CWE-Other http://www.debian.org/security/2003/dsa-228 http://www.iss.net/security_center/static/10988.php http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000567 http://www.securityfocus.com/bid/6512 http://marc.info/?l=bugtraq&m=104162752401212&w=2 http://marc.info/?l=bugtraq&m=104188513728573&w=2 https://nvd.nist.gov https://www.debian.org/security/./dsa-228

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2003-0032

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect