Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1058

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2006-1058
Last Modified 21 Aug 2010 12:42:30
Published 04 Apr 2006 06:04:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-1058

Summary

BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local users to guess passwords from a stolen password file using techniques such as rainbow tables.

Vulnerable Systems

Application

  • Busybox 1.1.1


References

XF - busybox-passwd-weak-security(25569)

BID - 17330

SECUNIA - 19477

CONFIRM - http://bugs.busybox.net/view.php?id=604

REDHAT - RHSA-2007:0244

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2007-250.htm

SECUNIA - 25848

SECUNIA - 25098


Last Updated: 27 May 2016 10:41:54