ID CVE-2006-0591
Summary The crypt_gensalt functions for BSDI-style extended DES-based and FreeBSD-sytle MD5-based password hashes in crypt_blowfish 0.4.7 and earlier do not evenly and randomly distribute salts, which makes it easier for attackers to guess passwords from a stolen password file due to the increased number of collisions. This vulnerability may only be exploited in conjunction with another vulnerability. The password file (normally shadowed) must first be stolen.
References
Vulnerable Configurations
  • cpe:2.3:a:solar_designer:crypt_blowfish:0.4.7:*:*:*:*:*:*:*
    cpe:2.3:a:solar_designer:crypt_blowfish:0.4.7:*:*:*:*:*:*:*
CVSS
Base: 1.2 (as of 19-10-2018 - 15:45)
Impact:
Exploitability:
CWE CWE-310
CAPEC
  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Access
VectorComplexityAuthentication
LOCAL HIGH NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:L/AC:H/Au:N/C:P/I:N/A:N
oval via4
accepted 2013-04-29T04:14:28.194-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
description The crypt_gensalt functions for BSDI-style extended DES-based and FreeBSD-sytle MD5-based password hashes in crypt_blowfish 0.4.7 and earlier do not evenly and randomly distribute salts, which makes it easier for attackers to guess passwords from a stolen password file due to the increased number of collisions.
family unix
id oval:org.mitre.oval:def:11502
status accepted
submitted 2010-07-09T03:56:16-04:00
title The crypt_gensalt functions for BSDI-style extended DES-based and FreeBSD-sytle MD5-based password hashes in crypt_blowfish 0.4.7 and earlier do not evenly and randomly distribute salts, which makes it easier for attackers to guess passwords from a stolen password file due to the increased number of collisions.
version 24
redhat via4
advisories
rhsa
id RHSA-2006:0526
refmap via4
bugtraq 20060207 crypt_blowfish 1.0
confirm http://support.avaya.com/elmodocs2/security/ASA-2006-113.htm
misc http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/glibc/crypt_blowfish/crypt_gensalt.c?only_with_tag=CRYPT_BLOWFISH_1_0
osvdb 23005
secunia
  • 18772
  • 20232
  • 20653
  • 20782
sgi 20060602-01-U
vupen ADV-2006-0477
xf cryptblowfish-salt-information-disclosure(24590)
Last major update 19-10-2018 - 15:45
Published 08-02-2006 - 01:02
Back to Top