Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2009-4269
Description:The password hash generation algorithm in the BUILTIN authentication functionality for Apache Derby before 10.6.1.0 performs a transformation that reduces the size of the set of inputs to SHA-1, which produces a small search space that makes it easier for local and possibly remote attackers to crack passwords by generating hash collisions, related to password substitution.
Test IDs: 1.3.6.1.4.1.25623.1.0.801284  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2009-4269
BugTraq ID: 42637
http://www.securityfocus.com/bid/42637
http://blogs.sun.com/kah/entry/derby_10_6_1_has
http://marcellmajor.com/derbyhash.html
http://marc.info/?l=apache-db-general&m=127428514905504&w=1
http://www.securitytracker.com/id?1024977
http://secunia.com/advisories/42948
http://secunia.com/advisories/42970
http://www.vupen.com/english/advisories/2011/0149




© 1998-2024 E-Soft Inc. All rights reserved.