LibMCrypt Memory Leak Resource Exhaustion Vulnerability

libmcrypt is a freely available, open source replacement for standard UNIX crypt().

A memory leak has been reported in libmcrypt. When invoked, libmcrypt causes a small memory leak which is not reclaimed by the system. Because of this, services that use libmcrypt that are persistent could be used to invoke several instances of libmcrypt, resulting in a resource exhaustion vulnerability.


Privacy Statement
Copyright 2010, SecurityFocus