CVE-2006-0591

The crypt_gensalt functions for BSDI-style extended DES-based and FreeBSD-sytle MD5-based password hashes in crypt_blowfish 0.4.7 and earlier do not evenly and randomly distribute salts, which makes it easier for attackers to guess passwords from a stolen password file due to the increased number of collisions.
Configurations

Configuration 1 (hide)

cpe:2.3:a:solar_designer:crypt_blowfish:0.4.7:*:*:*:*:*:*:*

History

No history.

Information

Published : 2006-02-08 01:02

Updated : 2024-02-28 10:42


NVD link : CVE-2006-0591

Mitre link : CVE-2006-0591

CVE.ORG link : CVE-2006-0591


JSON object : View

Products Affected

solar_designer

  • crypt_blowfish
CWE
CWE-310

Cryptographic Issues