3625 matches found
CVE-2012-1588
Algorithmic complexity vulnerability in the filterurl function in the text filtering system modules/filter/filter.module in Drupal 7.x before 7.14 allows remote authenticated users with certain roles to cause a denial of service CPU consumption via a long email address...
CVE-2012-1588
CVE-2012-1588 affects Drupal core 7.x; a pattern in the text filtering system’s _filter_url/filters can cause excessive CPU usage (DoS) when processing long email-like strings. The vulnerability requires certain user roles to post content and is mitigated by upgrading. The Drupal security advisor...
Scientific Linux Security Update : mcstrans on SL5.x i386/x86_64
An algorithmic complexity weakness was found in the way the mcstrans daemon handled ranges of compartments in sensitivity labels. A local user could trigger this flaw causing mctransd to temporarily stop responding to other requests; a partial denial of service. CVE-2007-4570 This update also fix...
CVE-2012-3398
Algorithmic complexity vulnerability in Moodle 1.9.x before 1.9.19, 2.0.x before 2.0.10, 2.1.x before 2.1.7, and 2.2.x before 2.2.4 allows remote authenticated users to cause a denial of service CPU consumption by using the advanced-search feature on a database activity that has many records...
CVE-2012-3398
Algorithmic complexity vulnerability in Moodle 1.9.x before 1.9.19, 2.0.x before 2.0.10, 2.1.x before 2.1.7, and 2.2.x before 2.2.4 allows remote authenticated users to cause a denial of service CPU consumption by using the advanced-search feature on a database activity that has many records...
Design/Logic Flaw
Algorithmic complexity vulnerability in Moodle 1.9.x before 1.9.19, 2.0.x before 2.0.10, 2.1.x before 2.1.7, and 2.2.x before 2.2.4 allows remote authenticated users to cause a denial of service CPU consumption by using the advanced-search feature on a database activity that has many records...
UBUNTU-CVE-2012-3398
Algorithmic complexity vulnerability in Moodle 1.9.x before 1.9.19, 2.0.x before 2.0.10, 2.1.x before 2.1.7, and 2.2.x before 2.2.4 allows remote authenticated users to cause a denial of service CPU consumption by using the advanced-search feature on a database activity that has many records...
CVE-2012-3398
Algorithmic complexity vulnerability in Moodle 1.9.x before 1.9.19, 2.0.x before 2.0.10, 2.1.x before 2.1.7, and 2.2.x before 2.2.4 allows remote authenticated users to cause a denial of service CPU consumption by using the advanced-search feature on a database activity that has many records...
CVE-2012-2098
Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream BZip2CompressorOutputStream in Apache Commons Compress before 1.4.1 allows remote attackers to cause a denial of service CPU consumption via a file with many repeating inputs...
CVE-2012-2098
CVE-2012-2098 affects Apache Commons Compress (BZip2CompressorOutputStream). The vulnerability is an algorithmic complexity in the sorting routines used by the bzip2 stream, allowing an attacker to cause CPU exhaustion (DoS) by feeding input with many repeating patterns. Affected product: Apache ...
CVE-2012-2098
Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream BZip2CompressorOutputStream in Apache Commons Compress before 1.4.1 allows remote attackers to cause a denial of service CPU consumption via a file with many repeating inputs...
CVE-2012-3287
Poul-Henning Kamp md5crypt has insufficient algorithmic complexity and a consequently short runtime, which makes it easier for context-dependent attackers to discover cleartext passwords via a brute-force attack, as demonstrated by an attack using GPU hardware...
CVE-2012-3287
Poul-Henning Kamp md5crypt has insufficient algorithmic complexity and a consequently short runtime, which makes it easier for context-dependent attackers to discover cleartext passwords via a brute-force attack, as demonstrated by an attack using GPU hardware...
Design/Logic Flaw
Poul-Henning Kamp md5crypt has insufficient algorithmic complexity and a consequently short runtime, which makes it easier for context-dependent attackers to discover cleartext passwords via a brute-force attack, as demonstrated by an attack using GPU hardware...
CVE-2012-3287
Poul-Henning Kamp md5crypt has insufficient algorithmic complexity and a consequently short runtime, which makes it easier for context-dependent attackers to discover cleartext passwords via a brute-force attack, as demonstrated by an attack using GPU hardware...
CVE-2012-3287
The CVE concerns Poul-Henning Kamp’s md5crypt, where the md5crypt algorithm has insufficient complexity and short runtime. This enables context-dependent attackers to recover cleartext passwords via brute-force attacks, including GPU-based approaches, as described in the NVD entry and corroborate...
PT-2012-4623 · Poul Henning Kamp · Md5Crypt
Name of the Vulnerable Software and Affected Versions: Poul-Henning Kamp md5crypt affected versions not specified Description: The issue concerns the md5crypt algorithm having insufficient complexity and a short runtime, making it easier for attackers to discover cleartext passwords via brute-for...
Fedora 15 : expat-2.1.0-1.fc15 (2012-6996)
This update includes expat 2.1.0, which fixes includes a fix for a security issue. A specially crafted set of keys could trigger hash function collisions, which degrade dictionary performance by changing hash table operations complexity from an expected/average O1 to the worst case On. Reporters...
Fedora 16 : expat-2.1.0-1.fc16 (2012-5058)
This update includes expat 2.1.0, which fixes includes a fix for a security issue. A specially crafted set of keys could trigger hash function collisions, which degrade dictionary performance by changing hash table operations complexity from an expected/average O1 to the worst case On. Reporters...
GoAhead Webserver 2.5 Cross Site Scripting
Title : GoAhead WebServer Multiple Cross Site Scripting Vulnerabilities Author : Prabhu S Angadi from SecPod Technologies www.secpod.com Vendor : http://www.goahead.com/products/webserver/default.aspx Advisory : http://secpod.org/blog/?p=421 http://secunia.com/advisories/46896...