CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
EPSS
Percentile
74.9%
Best Practical Solutions RT 3.x before 3.8.9rc2 and 4.x before 4.0.0rc4
uses the MD5 algorithm for password hashes, which makes it easier for
context-dependent attackers to determine cleartext passwords via a
brute-force attack on the database.
Author | Note |
---|---|
jdstrand | for Lucid, please test packages in lucid-proposed and report in https://launchpad.net/bugs/750339 |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 10.04 | noarch | request-tracker3.8 | < 3.8.7-1ubuntu2.2 | UNKNOWN |
ubuntu | 10.10 | noarch | request-tracker3.8 | < 3.8.8-4ubuntu0.1 | UNKNOWN |
ubuntu | 11.04 | noarch | request-tracker3.8 | < 3.8.10-1 | UNKNOWN |