Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
CVE ID: | CVE-2011-3189 |
Description: | The crypt function in PHP 5.3.7, when the MD5 hash type is used, returns the value of the salt argument instead of the hashed string, which might allow remote attackers to bypass authentication via an arbitrary password, a different vulnerability than CVE-2011-2483. |
Test IDs: | 1.3.6.1.4.1.25623.1.0.802329 |
Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-3189 http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html http://www.openwall.com/lists/oss-security/2011/08/23/4 http://osvdb.org/74726 http://secunia.com/advisories/45678 XForce ISS Database: php-crypt-security-bypass(69429) https://exchange.xforce.ibmcloud.com/vulnerabilities/69429 |