4 matches found
Scientific Linux Security Update : busybox on SL4.x i386/x86_64
BusyBox did not use a salt when generating passwords. This made it easier for local users to guess passwords from a stolen password file. CVE-2006-1058 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'deprecatednasllevel.inc';...
Low: busybox security update
1.00.rc1-7.el4 - fix -l and -u passwd options 1.00.rc1-6.el4 - add psw 1.00.rc1-5.el4 - fix CVE-2006-1058 - BusyBox passwd command fails to generate password with salt 187385...
CVE-2006-1058
BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local users to guess passwords from a stolen password file using techniques such as rainbow tables...
CVE-2006-1058
CVE-2006-1058 affects BusyBox 1.1.1, where the passwd generation did not use a salt, enabling local password guessing from a stolen password file. The issue is addressed by security advisories and patches in multiple distributions (RHSA-2007:0244; CESA-2007:0244; ELSA-2007-0244; RHSA). Affected p...