CVE Vulnerabilities

CVE-2015-2936

Published: Apr 13, 2015 | Modified: Dec 07, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.1 HIGH
AV:N/AC:M/Au:N/C:N/I:N/A:C
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

MediaWiki 1.24.x before 1.24.2, when using PBKDF2 for password hashing, allows remote attackers to cause a denial of service (CPU consumption) via a long password.

Affected Software

Name Vendor Start Version End Version
Mediawiki Mediawiki 1.24.0 (including) 1.24.0 (including)
Mediawiki Mediawiki 1.24.1 (including) 1.24.1 (including)
Mediawiki Ubuntu artful *
Mediawiki Ubuntu lucid *
Mediawiki Ubuntu precise *
Mediawiki Ubuntu trusty *
Mediawiki Ubuntu upstream *
Mediawiki Ubuntu utopic *
Mediawiki Ubuntu vivid *
Mediawiki Ubuntu wily *
Mediawiki Ubuntu yakkety *
Mediawiki Ubuntu zesty *

References