The hash_strcmp function in hasch.c in Crackalaka 1.0.8 allows remote attackers to cause a denial of service (crash) via large malformed strings.