Lucene search

K
ubuntucve
Ubuntu.comUB:CVE-2011-3189
HistoryAug 25, 2011 - 12:00 a.m.

CVE-2011-3189

2011-08-2500:00:00
ubuntu.com
ubuntu.com
7

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.014 Low

EPSS

Percentile

85.8%

The crypt function in PHP 5.3.7, when the MD5 hash type is used, returns
the value of the salt argument instead of the hashed string, which might
allow remote attackers to bypass authentication via an arbitrary password,
a different vulnerability than CVE-2011-2483.

Notes

Author Note
jdstrand regression CVE for php5 5.3.7
Use Vulners API to create your own security tool

API usage cases
  • Network scanning
  • Linux Patch management
  • Threat protection
  • No network audit solution

Ways of integration

Integrate Vulners API

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.014 Low

EPSS

Percentile

85.8%

Related for UB:CVE-2011-3189