- Home
- CVEs with nessus.description==The blowfish password hashing implementation did not properly handle
8-characters in passwords, which made it easier for attackers to crack
the hash (CVE-2011-2483). After this update existing hashes with id
'$2a$' for passwords that contain 8-bit characters will no longer be
compatible with newly generated hashes. Affected users will either
have to change their password to store a new hash or the id of the
existing hash has to be manually changed to '$2x$' in order to
activate a compat mode. Please see the description of the
CVE-2011-2483 glibc update for details.
File uploads could potentially overwrite files owned by the user
running php (CVE-2011-2202).
A long salt argument to the crypt function could cause a buffer
overflow (CVE-2011-3268)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top