LibYAML and Perl YAML-LibYAML Module 'scanner.c' Remote Denial of Service Vulnerability

LibYAML and Perl YAML-LibYAML module are prone to a remote denial-of-service vulnerability.

Attackers can exploit this issue to crash the application, resulting in denial-of-service conditions.


Bugtraq ID: 71349
Class: Input Validation Error
CVE: CVE-2014-9130

Remote: Yes
Local: No
Published: Nov 28 2014 12:00AM
Updated: Apr 21 2017 07:06AM
Credit: Stanislaw Pitucha
Vulnerable: Ubuntu Ubuntu Linux 14.10
Ubuntu Ubuntu Linux 14.04 LTS
Ubuntu Ubuntu Linux 12.04 LTS i386
Ubuntu Ubuntu Linux 12.04 LTS amd64
Pyyaml Libyaml 0.1.6
Pyyaml Libyaml 0.1.5
Oracle Enterprise Linux 7
Mandriva Business Server 1 X86 64
Mandriva Business Server 1
Debian Linux 7.1
Debian Linux 7.0
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
CentOS CentOS 6
AlienVault AlienVault 4.15
AlienVault AlienVault 4.13
AlienVault AlienVault 4.12.1
AlienVault AlienVault 4.12

Not Vulnerable: AlienVault AlienVault 4.15.1


Attackers will likely use standard network tools to exploit this issue.

Related Posts