CVE-2017-7252

Опубликовано: 03 нояб. 2023

Источник: debian

Описание

bcrypt password hashing in Botan before 2.1.0 does not correctly handle passwords with a length between 57 and 72 characters, which makes it easier for attackers to determine the cleartext password.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
botan1.10	not-affected			package

Примечания

Bug introduced in 1.11.0, fixed in 2.1.0.

Связанные уязвимости

CVE-2017-7252

CVSS3: 7.5

ubuntu

больше 2 лет назад

bcrypt password hashing in Botan before 2.1.0 does not correctly handle passwords with a length between 57 and 72 characters, which makes it easier for attackers to determine the cleartext password.

CVE-2017-7252

CVSS3: 7.5

nvd

больше 2 лет назад

bcrypt password hashing in Botan before 2.1.0 does not correctly handle passwords with a length between 57 and 72 characters, which makes it easier for attackers to determine the cleartext password.

GHSA-qhqh-9m2p-r8vv

CVSS3: 7.5

github

больше 2 лет назад

bcrypt password hashing in Botan before 2.1.0 does not correctly handle passwords with a length between 57 and 72 characters, which makes it easier for attackers to determine the cleartext password.