11 matches found
EUVD-2005-2184
Malware in sbrugna...
OESA-2022-1530 python-django security update
A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. UserAttributeSimilarityValidator incurred significant overhead in evaluating a submitted...
DEBIAN-CVE-2021-45115
An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. UserAttributeSimilarityValidator incurred significant overhead in evaluating a submitted password that was artificially large in relation to the comparison values. In a situation where access to user...
OpenSSHd 7.2p2 - Username Enumeration
Source: http://seclists.org/fulldisclosure/2016/Jul/51 User Enumeration using Open SSHD =Latest version. Abstract: By sending large passwords, a...
Ubuntu 14.04 LTS : PAM vulnerabilities (USN-2935-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2935-1 advisory. It was discovered that the PAM pam_userdb module incorrectly used a case-insensitive method when comparing hashed passwords. A local attacker could possib...
GLSA-201406-12 : FreeRADIUS: Arbitrary code execution
The remote host is affected by the vulnerability described in GLSA-201406-12 FreeRADIUS: Arbitrary code execution. Large passwords can trigger a stack-based buffer overflow in FreeRADIUS's rlm_pap module when authenticating against an LDAP server. Impact: An authenticated user could set a specially...
USN-1967-1: Django vulnerabilities
It was discovered that Django incorrectly handled large passwords. A remote attacker could use this issue to consume resources, resulting in a denial of service. CVE-2013-1443 It was discovered that Django incorrectly handled ssi templates. An attacker could use this issue to read arbitrary files...
Debian Security Advisory DSA 2758-1 (python-django - denial of service)
It was discovered that python-django, a high-level Python web development framework, is prone to a denial of service vulnerability via large passwords. A non-authenticated remote attacker could mount a denial of service by submitting arbitrarily large passwords, tying up server resources in the...
DSA-2758-1 python-django - denial of service
Bulletin has no description...
Cold Fusion Administration Page Overflow
A denial of service vulnerability exists within the Allaire ColdFusion web application server version 4.5.1 and earlier which allows an attacker to overwhelm the web server and deny legitimate web page requests. SPDX-FileCopyrightText: 2000 Matt Moore Some text descriptions might be excerpted fro...
Cayman 3220-H DSL Router 1.0/GatorSurf 5.3 - Denial of Service
source: https://www.securityfocus.com/bid/1219/info Large usernames or passwords sent to the router's HTTP interface restart the router. Router log will show "restart not in response to admin command" Open the router interface with your browser. Username: ......................... x79 + After the...