Lucene search
K

5 matches found

Prion
Prion
added 2014/11/24 3:59 p.m.32 views

Cross site request forgery (csrf)

The password hashing API in Drupal 7.x before 7.34 and the Secure Password Hashes aka phpass module 6.x-2.x before 6.x-2.1 for Drupal allows remote attackers to cause a denial of service CPU and memory consumption via a crafted request...

5CVSS6.8AI score0.82699EPSS
Exploits3References9Affected Software3
OSV
OSV
added 2014/11/24 3:59 p.m.3 views

UBUNTU-CVE-2014-9016

The password hashing API in Drupal 7.x before 7.34 and the Secure Password Hashes aka phpass module 6.x-2.x before 6.x-2.1 for Drupal allows remote attackers to cause a denial of service CPU and memory consumption via a crafted request...

5CVSS6.4AI score0.82699EPSS
Exploits3References3
CVE
CVE
added 2014/11/24 3:0 p.m.172 views

CVE-2014-9016

CVE-2014-9016 affects Drupal 7.x prior to 7.34 and the Secure Password Hashes (phpass) module 6.x-2.x prior to 6.x-2.1. The issue is a denial-of-service condition caused by the password hashing API, where a crafted request can exhaust CPU and memory. Remediation is to update to Drupal 7.34+ and p...

5CVSS6AI score0.82699EPSS
Exploits3References9Affected Software2
Tenable Nessus
Tenable Nessus
added 2014/11/21 12:0 a.m.74 views

Drupal 6.x < 6.34 / 7.x < 7.34 Multiple Vulnerabilities

The remote web server is running a version of Drupal that is 6.x prior to 6.34 or 7.x prior to 7.34. It is, therefore, potentially affected by the following vulnerabilities : - There exists an unspecified flaw that is triggered when handling a specially crafted request that may allow a remote...

6.8CVSS6.3AI score0.82699EPSS
Exploits3References5
ArchLinux
ArchLinux
added 2014/11/20 12:0 a.m.49 views

drupal: session hijacking and denial of service

Custom configured session.inc and password.inc need to be audited as well to verify if they are prone to the following vulnerabilities. More information can be found in the upstream advisory 0. - CVE-2014-9015 session hijacking Aaron Averill discovered that a specially crafted request can give a...

6.8CVSS2.2AI score0.82699EPSS
Exploits3References4
Rows per page
Query Builder