- Home
- CVEs with nessus.description==The blowfish password hashing implementation did not properly handle 8-characters in passwords, which made it easier for attackers to crack the hash (CVE-2011-2483). After this update existing hashes with id '$2a$' for passwords that contain 8-bit characters will no longer be compatible with newly generated hashes. Affected users will either have to change their password to store a new hash or the id of the existing hash has to be manually changed to '$2x$' in order to activate a compat mode. Please see the description of the CVE-2011-2483 glibc update for details.
File uploads could potentially overwrite files owned by the user running php (CVE-2011-2202).
A long salt argument to the crypt function could cause a buffer overflow (CVE-2011-3268)
Incorrect implementation of the error_log function could crash php (CVE-2011-3267)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top