312 matches found
CVE-2012-3287
Poul-Henning Kamp md5crypt has insufficient algorithmic complexity and a consequently short runtime, which makes it easier for context-dependent attackers to discover cleartext passwords via a brute-force attack, as demonstrated by an attack using GPU hardware...
Mandriva Security Advisory MDVSA-2009:276-1 (python-django)
The remote host is missing an update to python-django announced via advisory MDVSA-2009:276-1. OpenVAS Vulnerability Test $Id: mdksa20092761.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:276-1 python-django Authors: Thomas Reinke Copyright: Copyrig...
Django Forms Library Algorithmic Complexity Vulnerability
The host is running Django and is prone to Algorithmic Complexity vulnerability. OpenVAS Vulnerability Test $Id: secpoddjangoalgorithmiccomplexityvuln.nasl 6539 2017-07-05 12:02:14Z cfischer $ Django Forms Library Algorithmic Complexity Vulnerability Authors: Sharath S Copyright: Copyright c 2009...
CVE-2009-3622
CVE-2009-3622 affects WordPress wp-trackback.php. The vulnerability allows remote attackers to cause a denial of service (CPU consumption and server hang) by sending a long title together with a charset parameter consisting of many comma-separated "UTF-8" substrings, exploiting mb_convert_encodin...
CVE-2009-3622
Algorithmic complexity vulnerability in wp-trackback.php in WordPress before 2.8.5 allows remote attackers to cause a denial of service CPU consumption and server hang via a long title parameter in conjunction with a charset parameter composed of many comma-separated "UTF-8" substrings, related t...
CVE-2009-3622
Algorithmic complexity vulnerability in wp-trackback.php in WordPress before 2.8.5 allows remote attackers to cause a denial of service CPU consumption and server hang via a long title parameter in conjunction with a charset parameter composed of many comma-separated "UTF-8" substrings, related t...
CVE-2009-3695
Algorithmic complexity vulnerability in the forms library in Django 1.0 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause a denial of service CPU consumption via a crafted 1 EmailField email address or 2 URLField URL that triggers a large amount of backtracking in a regular...
Design/Logic Flaw
Algorithmic complexity vulnerability in the forms library in Django 1.0 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause a denial of service CPU consumption via a crafted 1 EmailField email address or 2 URLField URL that triggers a large amount of backtracking in a regular...
CVE-2009-3695
Algorithmic complexity vulnerability in the forms library in Django 1.0 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause a denial of service CPU consumption via a crafted 1 EmailField email address or 2 URLField URL that triggers a large amount of backtracking in a regular...
CVE-2009-3695
Algorithmic complexity vulnerability in the forms library in Django 1.0 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause a denial of service CPU consumption via a crafted 1 EmailField email address or 2 URLField URL that triggers a large amount of backtracking in a regular...
CVE-2009-1190
Algorithmic complexity vulnerability in the java.util.regex.Pattern.compile method in Sun Java Development Kit JDK before 1.6, when used with spring.jar in SpringSource Spring Framework 1.1.0 through 2.5.6 and 3.0.0.M1 through 3.0.0.M2 and dm Server 1.0.0 through 1.0.2, allows remote attackers to...
CVE-2009-1190
Algorithmic complexity vulnerability in the java.util.regex.Pattern.compile method in Sun Java Development Kit JDK before 1.6, when used with spring.jar in SpringSource Spring Framework 1.1.0 through 2.5.6 and 3.0.0.M1 through 3.0.0.M2 and dm Server 1.0.0 through 1.0.2, allows remote attackers to...
CVE-2009-1190
CVE-2009-1190 is an algorithmic complexity vulnerability in java.util.regex.Pattern.compile. The issue arises when the JVM compiles long regex patterns containing multiple optional groups, leading to CPU exhaustion and a potential denial of service. Affected products listed in the description inc...
CVE-2008-3656
Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.splitheadervalue function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows context-dependent attackers to cause a denial of...
CVE-2007-6067
Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service memory consumption via a crafted "complex...
CVE-2007-6067
Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service memory consumption via a crafted "complex...
CVE-2007-6067
CVE-2007-6067 is an algorithmic complexity vulnerability in the TCL regular expression parser up to version 8.4.17, used by PostgreSQL 8.2/8.1/8.0/7.4 series. A crafted complex regex with doubly-nested states can be used by remote authenticated users to cause a denial of service via memory consum...
CVE-2007-6523
Algorithmic complexity vulnerability in Opera 9.50 beta and 9.x before 9.25 allows remote attackers to cause a denial of service CPU consumption via a crafted bitmap BMP file that triggers a large number of calculations and checks...
Design/Logic Flaw
Algorithmic complexity vulnerability in Opera 9.50 beta and 9.x before 9.25 allows remote attackers to cause a denial of service CPU consumption via a crafted bitmap BMP file that triggers a large number of calculations and checks...
Design/Logic Flaw
Algorithmic complexity vulnerability in the MCS translation daemon in mcstrans 0.2.3 allows local users to cause a denial of service temporary daemon outage via a large range of compartments in sensitivity labels...