Vulnerabilities

CVE-2006-0591

by Fred · 07/02/2006

The crypt_gensalt functions for BSDI-style extended DES-based and FreeBSD-sytle MD5-based password hashes in crypt_blowfish 0.4.7 and earlier do not evenly and randomly distribute salts, which makes it easier for attackers to guess passwords from a stolen password file due to the increased number of collisions.

Date published : 2006-02-07

http://www.securityfocus.com/archive/1/424260/100/0/threaded

http://support.avaya.com/elmodocs2/security/ASA-2006-113.htm

Similar

Tags: Cybersecurity Alert