Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2011-2483
Description:crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain platforms, PostgreSQL before 8.4.9, and other products, does not properly handle 8-bit characters, which makes it easier for context- dependent attackers to determine a cleartext password by leveraging knowledge of a password hash.
Test IDs: 1.3.6.1.4.1.25623.1.0.70257   1.3.6.1.4.1.25623.1.0.70204   1.3.6.1.4.1.25623.1.0.70324   1.3.6.1.4.1.25623.1.0.70325   1.3.6.1.4.1.25623.1.0.70623   1.3.6.1.4.1.25623.1.0.70444   1.3.6.1.4.1.25623.1.0.70456   1.3.6.1.4.1.25623.1.0.70624   1.3.6.1.4.1.25623.1.0.70512   1.3.6.1.4.1.25623.1.0.70443   1.3.6.1.4.1.25623.1.0.70717   1.3.6.1.4.1.25623.1.0.70957   1.3.6.1.4.1.25623.1.0.70716   1.3.6.1.4.1.25623.1.0.103229   1.3.6.1.4.1.25623.1.0.72074   1.3.6.1.4.1.25623.1.0.72062   1.3.6.1.4.1.25623.1.0.122073   1.3.6.1.4.1.25623.1.0.122072   1.3.6.1.4.1.25623.1.0.831514   1.3.6.1.4.1.25623.1.0.881024   1.3.6.1.4.1.25623.1.0.881028   1.3.6.1.4.1.25623.1.0.881449   1.3.6.1.4.1.25623.1.0.881310   1.3.6.1.4.1.25623.1.0.881333   1.3.6.1.4.1.25623.1.0.831478   1.3.6.1.4.1.25623.1.0.840772   1.3.6.1.4.1.25623.1.0.881042   1.3.6.1.4.1.25623.1.0.870506   1.3.6.1.4.1.25623.1.0.881025   1.3.6.1.4.1.25623.1.0.870510   1.3.6.1.4.1.25623.1.0.870503   1.3.6.1.4.1.25623.1.0.120570   1.3.6.1.4.1.25623.1.0.881408   1.3.6.1.4.1.25623.1.0.850170  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2011-2483
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
BugTraq ID: 49241
http://www.securityfocus.com/bid/49241
Debian Security Information: DSA-2340 (Google Search)
http://www.debian.org/security/2011/dsa-2340
Debian Security Information: DSA-2399 (Google Search)
http://www.debian.org/security/2012/dsa-2399
http://www.mandriva.com/security/advisories?name=MDVSA-2011:165
http://www.mandriva.com/security/advisories?name=MDVSA-2011:178
http://www.mandriva.com/security/advisories?name=MDVSA-2011:179
http://www.mandriva.com/security/advisories?name=MDVSA-2011:180
http://freshmeat.net/projects/crypt_blowfish
RedHat Security Advisories: RHSA-2011:1377
http://www.redhat.com/support/errata/RHSA-2011-1377.html
RedHat Security Advisories: RHSA-2011:1378
http://www.redhat.com/support/errata/RHSA-2011-1378.html
RedHat Security Advisories: RHSA-2011:1423
http://www.redhat.com/support/errata/RHSA-2011-1423.html
SuSE Security Announcement: SUSE-SA:2011:035 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00015.html
http://www.ubuntu.com/usn/USN-1229-1
XForce ISS Database: php-cryptblowfish-info-disclosure(69319)
https://exchange.xforce.ibmcloud.com/vulnerabilities/69319




© 1998-2024 E-Soft Inc. All rights reserved.