Lucene search
HistorySep 23, 2013 - 8:55 p.m.
CVE-2013-1443
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.7
Confidence
Low
EPSS
0.013
Percentile
85.8%
The authentication framework (django.contrib.auth) in Django 1.4.x before 1.4.8, 1.5.x before 1.5.4, and 1.6.x before 1.6 beta 4 allows remote attackers to cause a denial of service (CPU consumption) via a long password which is then hashed.
Affected configurations
Node
djangoprojectdjangoMatch1.4
ORdjangoprojectdjangoMatch1.4.1
ORdjangoprojectdjangoMatch1.4.2
ORdjangoprojectdjangoMatch1.4.4
ORdjangoprojectdjangoMatch1.4.5
ORdjangoprojectdjangoMatch1.4.6
ORdjangoprojectdjangoMatch1.4.7
Node
djangoprojectdjangoMatch1.6beta1
ORdjangoprojectdjangoMatch1.6beta2
ORdjangoprojectdjangoMatch1.6beta3
Node
djangoprojectdjangoMatch1.5
ORdjangoprojectdjangoMatch1.5alpha
ORdjangoprojectdjangoMatch1.5beta
ORdjangoprojectdjangoMatch1.5.1
ORdjangoprojectdjangoMatch1.5.2
ORdjangoprojectdjangoMatch1.5.3
Related
seebug
seebug
Djangoε―η εεΈζη»ζε‘ζΌζ΄(CVE-2013-1443)
2013-09-18 00:00:00
nessus
nessus
FreeBSD : django -- denial-of-service via large passwords (05dc6efa-2370-11e3-95b7-00e0814cab4e)
2013-09-23 00:00:00
Fedora 20 : python-django-1.5.4-1.fc20 (2013-16938)
2013-09-27 00:00:00
Debian DSA-2758-1 : python-django - denial of service
2013-09-18 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-2758-1)
2013-09-16 00:00:00
Debian Security Advisory DSA 2758-1 (python-django - denial of service)
2013-09-17 00:00:00
Fedora Update for python-django FEDORA-2013-16901
2013-10-03 00:00:00
github
github
Django Denial of Service Vulnerability in the authentication framework
2022-05-17 04:53:45
cve
cve
CVE-2013-1443
2013-09-23 20:55:07
threatpost
threatpost
Patches for Django Framework Fix DoS Vuln
2013-09-17 13:40:25
freebsd
freebsd
django -- denial-of-service via large passwords
2013-09-15 00:00:00
debian
debian
[SECURITY] [DSA 2758-1] python-django security update
2013-09-17 18:43:26
[SECURITY] [DSA 2758-1] python-django security update
2013-09-17 18:43:26
fedora
fedora
[SECURITY] Fedora 20 Update: python-django-1.5.4-1.fc20
2013-09-26 06:18:28
[SECURITY] Fedora 19 Update: python-django-1.5.4-1.fc19
2013-09-24 22:56:43
[SECURITY] Fedora 19 Update: python-django14-1.4.8-1.fc19
2013-09-24 23:05:13
cvelist
cvelist
CVE-2013-1443
2013-09-23 20:00:00
osv
osv
Django Denial of Service Vulnerability in the authentication framework
2022-05-17 04:53:45
python-django - denial of service
2013-09-17 00:00:00
PYSEC-2013-18
2013-09-23 20:55:00
gitlab
gitlab
DOS via large passwords
2013-09-23 00:00:00
prion
prion
Authentication flaw
2013-09-23 20:55:00
debiancve
debiancve
CVE-2013-1443
2013-09-23 20:55:07
ubuntucve
ubuntucve
CVE-2013-1443
2013-09-20 00:00:00
securityvulns
securityvulns
[USN-1967-1] Django vulnerabilities
2013-10-02 00:00:00
mageia
mageia
Updated python-django package fixes multiple vulnerabilities
2013-09-19 13:45:04
ubuntu
ubuntu
Django vulnerabilities
2013-09-24 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.7
Confidence
Low
EPSS
0.013
Percentile
85.8%
Related for NVD:CVE-2013-1443