NVD

Id
35837  
Name
CVE-2014-9016  
Description
The password hashing API in Drupal 7.x before 7.34 and the Secure Password Hashes (aka phpass) module 6.x-2.x before 6.x-2.1 for Drupal allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted request.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:N/A:P)  
Pub Date
2017-01-19  
Published
2014-11-24  
Modified Date
2014-12-30  
Seq
2014-9016  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
183483 35837 CVE-2014-9016 DSA-3075  View
183484 35837 CVE-2014-9016 [oss-security] 20141120 Re: [security] Pending CVE assignments for SA-CORE-2014-006?  View
183485 35837 CVE-2014-9016 [oss-security] 20141120 Pending CVE assignments for SA-CORE-2014-006?  View
183486 35837 CVE-2014-9016 [oss-security] 20141120 Re: [security] Pending CVE assignments for SA-CORE-2014-006?  View
183487 35837 CVE-2014-9016 https://www.drupal.org/node/2378367  View
183488 35837 CVE-2014-9016 https://www.drupal.org/node/2378375  View
183489 35837 CVE-2014-9016 https://www.drupal.org/SA-CORE-2014-006  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
16757 JVNDB-2014-005632 Drupal のパスワードハッシュ API および Drupal 用 Secure Password Hashes モジュールにおけるサービス運用妨害 (DoS) の脆弱性 Drupal のパスワードハッシュ API および Drupal 用 Secure Password Hashes (別名 phpass) モジュール には、サービス運用妨害 (CPU 資源およびメモリの消費) 状態にされる脆弱性が存在します。 CVE-2014-9016 76309 CVE-2014-9016 35837 5 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-005632.html 2014-11-19 2014-11-26 View