CVE-2008-3188

libxcrypt in SUSE openSUSE 11.0 uses the DES algorithm when the configuration specifies the MD5 algorithm, which makes it easier for attackers to conduct brute-force attacks against hashed passwords.
References
Link Resource
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00008.html Mailing List Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html Mailing List Vendor Advisory
http://secunia.com/advisories/31096 Broken Link Third Party Advisory
http://secunia.com/advisories/31339 Broken Link Third Party Advisory
http://www.securityfocus.com/bid/30301 Broken Link Third Party Advisory VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/43927 Third Party Advisory VDB Entry
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00008.html Mailing List Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html Mailing List Vendor Advisory
http://secunia.com/advisories/31096 Broken Link Third Party Advisory
http://secunia.com/advisories/31339 Broken Link Third Party Advisory
http://www.securityfocus.com/bid/30301 Broken Link Third Party Advisory VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/43927 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*

History

21 Nov 2024, 00:48

Type Values Removed Values Added
References () http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00008.html - Mailing List, Vendor Advisory () http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00008.html - Mailing List, Vendor Advisory
References () http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html - Mailing List, Vendor Advisory () http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html - Mailing List, Vendor Advisory
References () http://secunia.com/advisories/31096 - Broken Link, Third Party Advisory () http://secunia.com/advisories/31096 - Broken Link, Third Party Advisory
References () http://secunia.com/advisories/31339 - Broken Link, Third Party Advisory () http://secunia.com/advisories/31339 - Broken Link, Third Party Advisory
References () http://www.securityfocus.com/bid/30301 - Broken Link, Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/30301 - Broken Link, Third Party Advisory, VDB Entry
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/43927 - Third Party Advisory, VDB Entry () https://exchange.xforce.ibmcloud.com/vulnerabilities/43927 - Third Party Advisory, VDB Entry

09 Feb 2024, 03:19

Type Values Removed Values Added
References (SECUNIA) http://secunia.com/advisories/31339 - Third Party Advisory (SECUNIA) http://secunia.com/advisories/31339 - Broken Link, Third Party Advisory
References (BID) http://www.securityfocus.com/bid/30301 - Third Party Advisory, VDB Entry (BID) http://www.securityfocus.com/bid/30301 - Broken Link, Third Party Advisory, VDB Entry
References (SECUNIA) http://secunia.com/advisories/31096 - Third Party Advisory (SECUNIA) http://secunia.com/advisories/31096 - Broken Link, Third Party Advisory
CWE CWE-326 CWE-327
CVSS v2 : 5.0
v3 : unknown
v2 : 5.0
v3 : 7.5

Information

Published : 2008-07-22 16:41

Updated : 2024-11-21 00:48


NVD link : CVE-2008-3188

Mitre link : CVE-2008-3188

CVE.ORG link : CVE-2008-3188


JSON object : View

Products Affected

opensuse

  • opensuse
CWE
CWE-327

Use of a Broken or Risky Cryptographic Algorithm