The Hotblocks module 6.x-1.x before 6.x-1.8 for Drupal allows remote authenticated users with the "administer hotblocks" permission to cause a denial of service (infinite loop and time out) via a block that references itself.Referenceshttp://www.openwall.com/lists/oss-security/2012/10/04/6http://drupal.org/node/1732828http://www.madirish.net/543http://drupal.org/node/1732946http://www.openwall.com/lists/oss-security/2012/10/07/1
