Vulnerabilities

CVE-2011-2483

by Fred · 25/08/2011

crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain platforms, PostgreSQL before 8.4.9, and other products, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash.

Date published : 2011-08-25

http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html

http://www.securityfocus.com/bid/49241

Similar

Tags: Cybersecurity Alert