Vulnerabilities (CVE)

Filtered by vendor Solar Designer Subscribe
Filtered by product Crypt Blowfish
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-0591 1 Solar Designer 1 Crypt Blowfish 2024-02-28 1.2 LOW N/A
The crypt_gensalt functions for BSDI-style extended DES-based and FreeBSD-sytle MD5-based password hashes in crypt_blowfish 0.4.7 and earlier do not evenly and randomly distribute salts, which makes it easier for attackers to guess passwords from a stolen password file due to the increased number of collisions.