Vulnerabilities

CVE-2015-0886

by Fred · 27/02/2015

Integer overflow in the crypt_raw method in the key-stretching implementation in jBCrypt before 0.4 makes it easier for remote attackers to determine cleartext values of password hashes via a brute-force attack against hashes associated with the maximum exponent.

Date published : 2015-02-27

http://www.mindrot.org/projects/jBCrypt/news/rel04.html

https://bugzilla.mindrot.org/show_bug.cgi?id=2097

Related

Tags: Cybersecurity Alert