Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-5958HistoryDec 27, 2014 - 6:59 p.m.
CVE-2013-5958
2014-12-2718:59:01
Debian Security Bug Tracker
security-tracker.debian.org
7
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.002 Low
EPSS
Percentile
64.4%
The Security component in Symfony 2.0.x before 2.0.25, 2.1.x before 2.1.13, 2.2.x before 2.2.9, and 2.3.x before 2.3.6 allows remote attackers to cause a denial of service (CPU consumption) via a long password that triggers an expensive hash computation, as demonstrated by a PBKDF2 computation, a similar issue to CVE-2013-5750.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | symfony | < 5.4.23+dfsg-1+deb12u2 | symfony_5.4.23+dfsg-1+deb12u2_all.deb |
| Debian | 11 | all | symfony | < 4.4.19+dfsg-2+deb11u5 | symfony_4.4.19+dfsg-2+deb11u5_all.deb |
| Debian | 999 | all | symfony | < 6.4.7+dfsg-1 | symfony_6.4.7+dfsg-1_all.deb |
| Debian | 13 | all | symfony | < 6.4.7+dfsg-1 | symfony_6.4.7+dfsg-1_all.deb |
Related
prion
prion
Design/Logic Flaw
2014-12-27 18:59:00
Design/Logic Flaw
2013-09-25 10:31:00
symfony
symfony
Security releases (CVE-2013-5958): Symfony 2.0.25, 2.1.13, 2.2.9, and 2.3.6 released
2013-10-10 00:00:00
CVE-2013-5750: Security issue in FOSUserBundle login form
2013-09-23 00:00:00
nvd
nvd
CVE-2013-5958
2014-12-27 18:59:01
CVE-2013-5750
2013-09-25 10:31:29
cve
cve
CVE-2013-5958
2014-12-27 18:59:01
CVE-2013-5750
2022-10-03 16:14:55
cvelist
cvelist
CVE-2013-5958
2014-12-27 18:00:00
CVE-2013-5750
2022-10-03 16:14:55
osv
osv
Symfony Denial of Service Via Long Password Hashing
2022-05-17 04:19:02
FriendsOfSymfony FOSUserBundle denial of service via login form
2022-05-17 05:00:37
github
github
Symfony Denial of Service Via Long Password Hashing
2022-05-17 04:19:02
FriendsOfSymfony FOSUserBundle denial of service via login form
2022-05-17 05:00:37
friendsofphp
friendsofphp
DOS attack in FOSUserBundle login form
2012-09-23 10:11:26
Possible DOS attack with long user-submitted passwords
2013-10-10 08:30:51
veracode
veracode
Denial Of Service (DoS)
2017-07-07 10:52:56
openvas
openvas
Fedora Update for php-symfony2-EventDispatcher FEDORA-2013-22422
2013-12-17 00:00:00
Fedora Update for php-symfony2-Validator FEDORA-2013-22422
2013-12-17 00:00:00
Fedora Update for php-symfony2-BrowserKit FEDORA-2013-22422
2013-12-17 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: php-symfony2-Console-2.2.10-1.fc18
2013-12-09 02:00:07
[SECURITY] Fedora 18 Update: php-symfony2-Config-2.2.10-1.fc18
2013-12-09 02:00:07
[SECURITY] Fedora 18 Update: php-symfony2-Filesystem-2.2.10-1.fc18
2013-12-09 02:00:08
nessus
nessus
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.002 Low
EPSS
Percentile
64.4%
Related for DEBIANCVE:CVE-2013-5958