CVE-2013-2197
Login Security 6.x-1.x < 6.x-1.3 and 7.x-1.x < 7.x-1.3 - Denial of Service via Login Delay Option
Title source: llmDescription
The Login Security module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.3 for Drupal, when using the login delay option, allows remote attackers to cause a denial of service (CPU consumption) via a large number of failed login attempts.
References (4)
Core 4
Core References
Vendor Advisory x_refsource_misc
https://drupal.org/node/2023585
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2013/06/20/3
Patch x_refsource_confirm
https://drupal.org/node/2023507
Patch x_refsource_confirm
https://drupal.org/node/2023503
Scores
EPSS
0.0134
EPSS Percentile
67.9%
Details
CWE
CWE-119
Status
published
Products (9)
login_security_project/login_security
6.x-1.0 (3 CPE variants)
login_security_project/login_security
6.x-1.1
login_security_project/login_security
6.x-1.2
login_security_project/login_security
6.x-1.3
login_security_project/login_security
6.x-1.x dev
login_security_project/login_security
7.x-1.0
login_security_project/login_security
7.x-1.1
login_security_project/login_security
7.x-1.2
login_security_project/login_security
7.x-1.x dev
Published
Aug 28, 2013
Tracked Since
Feb 18, 2026