Bug 781683 - (CVE-2011-4462) CVE-2011-4462 plone: hash table collisions CPU usage DoS (oCERT-2011-003)
CVE-2011-4462 plone: hash table collisions CPU usage DoS (oCERT-2011-003)
Status: CLOSED WONTFIX
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
medium Severity medium
: ---
: ---
Assigned To: Red Hat Product Security
impact=moderate,public=20111228,repor...
: Security
Depends On: 784044
Blocks: hashdos/oCERT-2011-003 782243
  Show dependency treegraph
 
Reported: 2012-01-14 02:33 EST by Kurt Seifried
Modified: 2015-07-31 02:47 EDT (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-03-05 08:07:59 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Kurt Seifried 2012-01-14 02:33:20 EST
Julian Wälde and Alexander Klink reported a flaw in the hash function used in
the implementation of the Python dictionaries (associative arrays).

A specially-crafted set of keys could trigger hash function collisions, which
degrade dictionary performance by changing hash table operations complexity
from an expected/average O(1) to the worst case O(n).  Reporters were able to
find colliding strings efficiently using meet in the middle attack.

conga embeds a copy of Plone (from the source rpm):

conga-0.12.2.tar.gz
luci_db-0.12.2-4.tar.gz
plib-1.8.5
plib-1.8.5.tar.gz
Plone-2.5.5.tar.gz
Zope-2.9.8-final.tgz
Comment 4 Jan Lieskovsky 2012-01-23 11:17:46 EST
This issue affects the version of the conga package as shipped with Red Hat Cluster Suite for Red Hat Enterprise Linux 4.

This issue affects the version of the conga package as shipped with Red Hat Enterprise Linux 5.

--

This issue affects the version of the plone package, as shipped with Fedora EPEL 5. Please schedule an update once there is Zope upstream patch available.
Comment 5 Jan Lieskovsky 2012-01-23 11:26:11 EST
Statement:

(none)
Comment 6 Jan Lieskovsky 2012-01-23 11:28:14 EST
Created plone tracking bugs for this issue

Affects: epel-5 [bug 784044]

Note You need to log in before you can comment on or make changes to this bug.