27 matches found
CVE-2014-9034
wp-includes/class-phpass.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to cause a denial of service CPU consumption via a long password that is improperly handled during hashing, a similar issue to CVE-2014-9016...
CVE-2014-9016
Removed by vendor...
UBUNTU-CVE-2013-2173
wp-includes/class-phpass.php in WordPress 3.5.1, when a password-protected post exists, allows remote attackers to cause a denial of service CPU consumption via a crafted value of a certain wp-postpass cookie...
[oclHashcat-plus v0.14] Worlds fastest md5crypt, phpass, mscash2 and WPA/WPA2 cracker
Features Worlds fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker Worlds first and only GPGPU based rule engine Free Multi-GPU up to 128 gpus Multi-Hash up to 15 million hashes Multi-OS Linux & Windows native binaries Multi-Platform OpenCL & CUDA support Multi-Algo see below Low resource...
SA-CONTRIB-2011-026 - Secure Password Hashes (phpass) - Multiple Vulnerabilities
This module uses the PHPass hashing library to try to store users hashed passwords securely. The module sets a fixed string for the 'pass' column in the users database column but does not replace the pass attribute of the account object used for password reset links. This leads to a vulnerability...
phpass_crack-vulnerability warning-the black bar safety net
from:huaidan.org Trace: the new version of WordPress and phpbb has been deprecated md5, using phpass encryption. there are some other open source WEB. The original DarkC0de posted on aphpass.py, is with dictionary crack, this PhpassCrack too. PasswordsProofficial download of the latest version al...
CVE-2003-1533
SQL injection vulnerability in accesscontrol.php in PhpPass 2 allows remote attackers to execute arbitrary SQL commands via the 1 uid and 2 pwd parameters...