5 matches found
CVE-2014-9016
The password hashing API in Drupal 7.x before 7.34 and the Secure Password Hashes aka phpass module 6.x-2.x before 6.x-2.1 for Drupal allows remote attackers to cause a denial of service CPU and memory consumption via a crafted request...
Cross site request forgery (csrf)
The password hashing API in Drupal 7.x before 7.34 and the Secure Password Hashes aka phpass module 6.x-2.x before 6.x-2.1 for Drupal allows remote attackers to cause a denial of service CPU and memory consumption via a crafted request...
UBUNTU-CVE-2014-9016
The password hashing API in Drupal 7.x before 7.34 and the Secure Password Hashes aka phpass module 6.x-2.x before 6.x-2.1 for Drupal allows remote attackers to cause a denial of service CPU and memory consumption via a crafted request...
CVE-2014-9016
The password hashing API in Drupal 7.x before 7.34 and the Secure Password Hashes aka phpass module 6.x-2.x before 6.x-2.1 for Drupal allows remote attackers to cause a denial of service CPU and memory consumption via a crafted request...
SA-CONTRIB-2014-113 - Secure Password Hashes - Denial of Service
This module enables a more secure password storage for Drupal 6 by back-porting the code used in Drupal 7 core. A vulnerability in this API allows an attacker to send specially crafted requests resulting in CPU and memory exhaustion. This may lead to the site becoming unavailable or unresponsive...