2 matches found
openSUSE Security Update : libxcrypt (libxcrypt-109)
libxcrypt accidentally used the DES-Algorithm if MD5 was selected as password hash algorithm CVE-2008-3188. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update libxcrypt-109. The text description ...
CVE-2008-3188
CVE-2008-3188 concerns libxcrypt in SUSE openSUSE 11.0. The root cause is that when the MD5 password-hash setting is configured, libxcrypt still uses DES, enabling easier brute-force attacks on hashed passwords. This vulnerability affects openSUSE 11.0 where MD5 is configured but DES is used inst...