SynopsisThe remote server is hosting an outdated installation of Drupal that is vulnerable to a Denial of Service (DoS) attack vector.
DescriptionThe version of Drupal installed on the remote server is 7.x prior to 7.34, and is affected by a flaw in the password hashing API. It is triggered when handling a specially crafted request, which can cause a consumption of CPU and memory resources. This may allow a remote attacker to cause a denial of service.
SolutionUpgrade to Drupal 7.34 or later.