DSA-2758-1 python-django -- denial of serviceID: oval:org.secpod.oval:def:601107 | Date: (C)2013-09-25 (M)2022-10-10 |
Class: PATCH | Family: unix |
It was discovered that python-django, a high-level Python web develompent framework, is prone to a denial of service vulnerability via large passwords. A non-authenticated remote attacker could mount a denial of service by submitting arbitrarily large passwords, tying up server resources in the expensive computation of the corresponding hashes to verify the password.
Platform: |
Debian 7.0 |
Debian 6.0 |