crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain platforms, PostgreSQL before 8.4.9, and other products, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
21 Nov 2024, 01:28
Type | Values Removed | Values Added |
---|---|---|
References | () http://freshmeat.net/projects/crypt_blowfish - Broken Link | |
References | () http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 - Third Party Advisory | |
References | () http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html - Mailing List | |
References | () http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00015.html - Third Party Advisory | |
References | () http://php.net/security/crypt_blowfish - Third Party Advisory | |
References | () http://support.apple.com/kb/HT5130 - Third Party Advisory | |
References | () http://www.debian.org/security/2011/dsa-2340 - Third Party Advisory, VDB Entry | |
References | () http://www.debian.org/security/2012/dsa-2399 - Third Party Advisory, VDB Entry | |
References | () http://www.mandriva.com/security/advisories?name=MDVSA-2011:165 - Broken Link | |
References | () http://www.mandriva.com/security/advisories?name=MDVSA-2011:178 - Broken Link | |
References | () http://www.mandriva.com/security/advisories?name=MDVSA-2011:179 - Broken Link | |
References | () http://www.mandriva.com/security/advisories?name=MDVSA-2011:180 - Broken Link | |
References | () http://www.openwall.com/crypt/ - Mailing List, Patch, Third Party Advisory | |
References | () http://www.php.net/ChangeLog-5.php#5.3.7 - Third Party Advisory | |
References | () http://www.php.net/archive/2011.php#id2011-08-18-1 - Patch, Vendor Advisory | |
References | () http://www.postgresql.org/docs/8.4/static/release-8-4-9.html - Patch, Vendor Advisory | |
References | () http://www.redhat.com/support/errata/RHSA-2011-1377.html - Broken Link | |
References | () http://www.redhat.com/support/errata/RHSA-2011-1378.html - Broken Link | |
References | () http://www.redhat.com/support/errata/RHSA-2011-1423.html - Broken Link | |
References | () http://www.securityfocus.com/bid/49241 - Third Party Advisory, VDB Entry | |
References | () http://www.ubuntu.com/usn/USN-1229-1 - Third Party Advisory | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/69319 - Third Party Advisory, VDB Entry |
23 Apr 2024, 19:57
Type | Values Removed | Values Added |
---|---|---|
First Time |
Openwall
Openwall crypt Blowfish |
|
CPE | cpe:2.3:a:php:php:4.0:beta4:*:*:*:*:*:* cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.4.9:*:*:*:*:*:*:* cpe:2.3:a:php:php:3.0.17:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:* cpe:2.3:a:php:php:3.0.14:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:* cpe:2.3:a:php:php:3.0.9:*:*:*:*:*:*:* cpe:2.3:a:solar_designer:crypt_blowfish:*:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:* cpe:2.3:a:php:php:2.0:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:* cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:* cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:* cpe:2.3:a:php:php:3.0.18:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.0:beta1:*:*:*:*:*:* cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:* cpe:2.3:a:php:php:3.0.15:*:*:*:*:*:*:* cpe:2.3:a:php:php:3.0.4:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:* cpe:2.3:a:php:php:3.0.12:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:* cpe:2.3:a:solar_designer:crypt_blowfish:0.4.3:*:*:*:*:*:*:* cpe:2.3:a:solar_designer:crypt_blowfish:0.4.2:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:* cpe:2.3:a:solar_designer:crypt_blowfish:0.4.4:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:* cpe:2.3:a:php:php:3.0.3:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:* cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.0:beta_4_patch1:*:*:*:*:*:* cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:* cpe:2.3:a:php:php:3.0:*:*:*:*:*:*:* cpe:2.3:a:php:php:1.0:*:*:*:*:*:*:* cpe:2.3:a:solar_designer:crypt_blowfish:0.2:*:*:*:*:*:*:* cpe:2.3:a:solar_designer:crypt_blowfish:0.3:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:* cpe:2.3:a:php:php:3.0.5:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:* cpe:2.3:a:php:php:3.0.2:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:* cpe:2.3:a:solar_designer:crypt_blowfish:0.4.6:*:*:*:*:*:*:* cpe:2.3:a:php:php:2.0b10:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.4.8:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.0:beta3:*:*:*:*:*:* cpe:2.3:a:php:php:3.0.7:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:* cpe:2.3:a:php:php:3.0.1:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:* cpe:2.3:a:solar_designer:crypt_blowfish:0.4.1:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.4:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:* cpe:2.3:a:solar_designer:crypt_blowfish:0.4.5:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.4.7:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:* cpe:2.3:a:php:php:3.0.16:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:* cpe:2.3:a:php:php:3.0.8:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:* cpe:2.3:a:php:php:3.0.6:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.5:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.2.14:*:*:*:*:*:*:* cpe:2.3:a:php:php:3.0.10:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:* cpe:2.3:a:php:php:3.0.11:*:*:*:*:*:*:* cpe:2.3:a:php:php:3.0.13:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.0:beta2:*:*:*:*:*:* cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:* cpe:2.3:a:solar_designer:crypt_blowfish:0.4:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:* cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:* |
cpe:2.3:a:openwall:crypt_blowfish:*:*:*:*:*:*:*:* |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/69319 - Third Party Advisory, VDB Entry |
25 Oct 2023, 20:23
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:* | |
First Time |
Postgresql
Postgresql postgresql |
|
References | (REDHAT) http://www.redhat.com/support/errata/RHSA-2011-1423.html - Broken Link | |
References | (CONFIRM) http://support.apple.com/kb/HT5130 - Third Party Advisory | |
References | (CONFIRM) http://www.php.net/archive/2011.php#id2011-08-18-1 - Patch, Vendor Advisory | |
References | (DEBIAN) http://www.debian.org/security/2012/dsa-2399 - Third Party Advisory, VDB Entry | |
References | (CONFIRM) http://www.php.net/ChangeLog-5.php#5.3.7 - Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00015.html - Third Party Advisory | |
References | (CONFIRM) http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 - Third Party Advisory | |
References | (REDHAT) http://www.redhat.com/support/errata/RHSA-2011-1378.html - Broken Link | |
References | (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/69319 - Third Party Advisory | |
References | (BID) http://www.securityfocus.com/bid/49241 - Third Party Advisory, VDB Entry | |
References | (APPLE) http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html - Mailing List | |
References | (MISC) http://freshmeat.net/projects/crypt_blowfish - Broken Link | |
References | (CONFIRM) http://www.openwall.com/crypt/ - Mailing List, Patch, Third Party Advisory | |
References | (MANDRIVA) http://www.mandriva.com/security/advisories?name=MDVSA-2011:165 - Broken Link | |
References | (MANDRIVA) http://www.mandriva.com/security/advisories?name=MDVSA-2011:180 - Broken Link | |
References | (MANDRIVA) http://www.mandriva.com/security/advisories?name=MDVSA-2011:178 - Broken Link | |
References | (CONFIRM) http://www.postgresql.org/docs/8.4/static/release-8-4-9.html - Patch, Vendor Advisory | |
References | (UBUNTU) http://www.ubuntu.com/usn/USN-1229-1 - Third Party Advisory | |
References | (MANDRIVA) http://www.mandriva.com/security/advisories?name=MDVSA-2011:179 - Broken Link | |
References | (CONFIRM) http://php.net/security/crypt_blowfish - Third Party Advisory | |
References | (REDHAT) http://www.redhat.com/support/errata/RHSA-2011-1377.html - Broken Link | |
References | (DEBIAN) http://www.debian.org/security/2011/dsa-2340 - Third Party Advisory, VDB Entry |
Information
Published : 2011-08-25 14:22
Updated : 2024-11-21 01:28
NVD link : CVE-2011-2483
Mitre link : CVE-2011-2483
CVE.ORG link : CVE-2011-2483
JSON object : View
Products Affected
openwall
- crypt_blowfish
php
- php
postgresql
- postgresql
CWE
CWE-310
Cryptographic Issues