RSS   Vulnerabilities for 'Php5-common'   RSS

2012-08-07
 
CVE-2012-2317

CWE-310
 

 
The Debian php_crypt_revamped.patch patch for PHP 5.3.x, as used in the php5 package before 5.3.3-7+squeeze4 in Debian GNU/Linux squeeze, the php5 package before 5.3.2-1ubuntu4.17 in Ubuntu 10.04 LTS, and the php5 package before 5.3.5-1ubuntu7.10 in Ubuntu 11.04, does not properly handle an empty salt string, which might allow remote attackers to bypass authentication by leveraging an application that relies on the PHP crypt function to choose a salt for password hashing.

 

 >>> Vendor: Debian 94 Products
Debian linux
Netkit
Elvis tiny
Sgml-tools
Netstd
Internet message
Mime-support
FSP
Lintian
Shadow-utils
Debmake
Tetex-bin
DPKG
Sympa
Bsmtpd
Toolchain-source
PPXP
Reportbug
Qpopper
Apt-cacher
Apt-setup
Backupninja
Kernel-patch-vserver
Libmail-audit-perl
Amaya
Base-config
Apache
GFAX
Debian-goodies
Reprepro
Guilt
UNP
Apt-listchanges
TSS
Aptlinex
Projectl
Horde
Turba
Honeyd common
Citadel server
Python-dns
Xsabre
FETA
Dpkg-cross
Myspell
Newsgate
Initramfs-tools
Os-prober
Mailscanner
LTP
Shadow
Horde imp
Horde groupware
Nss-ldap
APT
Libdbd-pg-perl
Mono-debugger
Tex-common
Apache2
Texlive-extra-utils
Php5-common
Logol
Devotee
Cifs-utils
Trousers
Bsdmainutils
Cfingerd
LATD
Txt2man
Adequate
Localepurge
Syncevolution
Axiom
Ppthtml
Xbuffy
Strongswan
Dpkg-dev
Kde4libs
Python-imaging
Exuberant ctags
Hivex
Dbd-firebird
Unattended-upgrades
FUSE
TOR
Xbindkeys-config
Ftpsync
Postgresql-common
TIN
Devscript
Advanced package tool
Crossroads
Tmpreaper
Devscripts


Copyright 2019, cxsecurity.com

 

Back to Top