| Vulnerability Name: | CCN-15382 | ||||||
| Published: | 2003-02-01 | ||||||
| Updated: | 2003-02-01 | ||||||
| Summary: | Applications in software and hardware are made up of one or more algorithms, which specify how they process data. Among other factors, programmers choose specific algorithms based on the time and memory needed to process a typical data set. This attribute of the algorithm is known as its "algorithmic complexity."
If a programmer chooses an algorithm that is inappropriate for the data set, then it is possible for specially-crafted data to consume significantly more resources or time, resulting in a denial of service. | ||||||
| CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||
| CVSS v2 Severity: | 2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P)
| ||||||
| Vulnerability Consequences: | Denial of Service | ||||||
| References: | Source: CCN Type: VulnWatch Mailing List, Sat May 17 2003 - 16:12:58 CDT Algorithmic Complexity Attacks and the Linux Networking Code Source: CCN Type: Rice University Department of Computer Science, Technical Report TR-03-416 Denial of Service via Algorithmic Complexity Attacks Source: XF Type: UNKNOWN data-algorithmic-complexity-dos(15382) | ||||||
| Vulnerable Configuration: | Configuration CCN 1: Denotes that component is vulnerable | ||||||
| BACK | |||||||