CVE-2008-6792

system-tools-backends before 2.6.0-1ubuntu1.1 in Ubuntu 8.10, as used by "Users and Groups" in GNOME System Tools, hashes account passwords with 3DES and consequently limits effective password lengths to eight characters, which makes it easier for context-dependent attackers to successfully conduct brute-force password attacks.
Configurations

Configuration 1 (hide)

cpe:2.3:o:ubuntu:linux:8.10:*:*:*:*:*:*:*

History

21 Nov 2024, 00:57

Type Values Removed Values Added
References () http://osvdb.org/50037 - () http://osvdb.org/50037 -
References () http://secunia.com/advisories/32566 - Vendor Advisory () http://secunia.com/advisories/32566 - Vendor Advisory
References () http://www.ubuntu.com/usn/usn-663-1 - Vendor Advisory () http://www.ubuntu.com/usn/usn-663-1 - Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/50435 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/50435 -
References () https://launchpad.net/bugs/287134 - () https://launchpad.net/bugs/287134 -

Information

Published : 2009-05-07 17:30

Updated : 2024-11-21 00:57


NVD link : CVE-2008-6792

Mitre link : CVE-2008-6792

CVE.ORG link : CVE-2008-6792


JSON object : View

Products Affected

ubuntu

  • linux
CWE
CWE-310

Cryptographic Issues