Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6792

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-6792
Last Modified 16 May 2009 01:28:38
Published 07 May 2009 01:30:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-6792

Summary

system-tools-backends before 2.6.0-1ubuntu1.1 in Ubuntu 8.10, as used by "Users and Groups" in GNOME System Tools, hashes account passwords with 3DES and consequently limits effective password lengths to eight characters, which makes it easier for context-dependent attackers to successfully conduct brute-force password attacks.

Vulnerable Systems

Operating System

  • Ubuntu Linux 8.10


References

CONFIRM - https://launchpad.net/bugs/287134

XF - stb-password-weak-security(50435)

UBUNTU - USN-663-1

SECUNIA - 32566

OSVDB - 50037


Last Updated: 27 May 2016 10:49:20