Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2014-9034HistoryNov 25, 2014 - 11:59 p.m.
CVE-2014-9034
2014-11-2523:59:00
Debian Security Bug Tracker
security-tracker.debian.org
12
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.264 Low
EPSS
Percentile
96.7%
wp-includes/class-phpass.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to cause a denial of service (CPU consumption) via a long password that is improperly handled during hashing, a similar issue to CVE-2014-9016.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | wordpress | < 4.0.1+dfsg-1 | wordpress_4.0.1+dfsg-1_all.deb |
| Debian | 11 | all | wordpress | < 4.0.1+dfsg-1 | wordpress_4.0.1+dfsg-1_all.deb |
| Debian | 10 | all | wordpress | < 4.0.1+dfsg-1 | wordpress_4.0.1+dfsg-1_all.deb |
| Debian | 999 | all | wordpress | < 4.0.1+dfsg-1 | wordpress_4.0.1+dfsg-1_all.deb |
| Debian | 13 | all | wordpress | < 4.0.1+dfsg-1 | wordpress_4.0.1+dfsg-1_all.deb |
Related
packetstorm
packetstorm
Drupal / WordPress Memory Exhaustion
2014-12-01 00:00:00
WordPress 4.0 Denial Of Service
2014-11-29 00:00:00
prion
prion
Design/Logic Flaw
2014-11-25 23:59:00
Cross site request forgery (csrf)
2014-11-24 15:59:00
ubuntucve
ubuntucve
CVE-2014-9034
2014-11-25 00:00:00
CVE-2014-9016
2014-11-24 00:00:00
cve
cve
CVE-2014-9034
2014-11-25 23:59:00
CVE-2014-9016
2014-11-24 15:59:00
openvas
openvas
Drupal Password Hashing Denial of Service Vulnerability
2014-12-09 00:00:00
Fedora Update for drupal7 FEDORA-2014-15583
2015-01-05 00:00:00
Fedora Update for drupal7 FEDORA-2014-15528
2014-12-03 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: drupal7-7.34-1.fc20
2014-12-03 01:03:28
[SECURITY] Fedora 19 Update: drupal7-7.34-1.fc19
2014-12-03 01:05:24
[SECURITY] Fedora 21 Update: drupal7-7.34-1.fc21
2014-12-06 10:05:06
patchstack
patchstack
WordPress <=4.0.1 - Denial of Service Attacks
2014-12-01 00:00:00
veracode
veracode
Denial Of Service(DoS) Via CPU Consumption
2017-08-10 08:10:58
wpvulndb
wpvulndb
WordPress <= 4.0 - Long Password Denial of Service (DoS)
2014-11-20 20:02:12
nessus
nessus
Fedora 21 : drupal7-7.34-1.fc21 (2014-15583)
2014-12-07 00:00:00
Fedora 19 : drupal7-7.34-1.fc19 (2014-15522)
2014-12-03 00:00:00
Fedora 20 : drupal7-7.34-1.fc20 (2014-15528)
2014-12-03 00:00:00
zdt
zdt
WordPress 4.0 Denial Of Service Exploit
2014-12-01 00:00:00
securityvulns
securityvulns
WordPress <=4.0 Denial of Service Exploit (CVE-2014-9034)
2014-12-01 00:00:00
[SECURITY] [DSA 3075-1] drupal7 security update
2014-12-01 00:00:00
[ MDVSA-2014:233 ] wordpress
2014-12-01 00:00:00
debiancve
debiancve
CVE-2014-9016
2014-11-24 15:59:00
drupal
drupal
SA-CONTRIB-2014-113 - Secure Password Hashes - Denial of Service
2014-11-19 00:00:00
Drupal Core - Moderately Critical - Multiple Vulnerabilities - SA-CORE-2014-006
2014-11-19 00:00:00
exploitpack
exploitpack
WordPress 4.0 - Denial of Service
2014-12-01 00:00:00
metasploit
metasploit
WordPress Long Password DoS
2015-01-04 18:50:23
exploitdb
exploitdb
WordPress Core 4.0 - Denial of Service
2014-12-01 00:00:00
debian
debian
[SECURITY] [DSA 3075-1] drupal7 security update
2014-11-20 16:36:03
[SECURITY] [DSA 3075-1] drupal7 security update
2014-11-20 16:36:03
[SECURITY] [DSA 3085-1] wordpress security update
2014-12-03 08:38:56
osv
osv
drupal7 - security update
2014-11-20 00:00:00
wordpress - security update
2014-12-03 00:00:00
wordpress - security update
2015-06-01 00:00:00
mageia
mageia
Updated drupal packages fix security vulnerabilities
2014-11-26 20:29:06
Updated wordpress package fixes security vulnerabilities
2014-11-26 20:29:06
archlinux
archlinux
drupal: session hijacking and denial of service
2014-11-20 00:00:00
freebsd
freebsd
wordpress -- multiple vulnerabilities
2014-11-25 00:00:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.264 Low
EPSS
Percentile
96.7%
Related for DEBIANCVE:CVE-2014-9034