Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6792


Vulnerability Score 5.0 5.0
CVE Id CVE-2008-6792
Last Modified 16 May 2009 01:28:38
Published 07 May 2009 01:30:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



system-tools-backends before 2.6.0-1ubuntu1.1 in Ubuntu 8.10, as used by "Users and Groups" in GNOME System Tools, hashes account passwords with 3DES and consequently limits effective password lengths to eight characters, which makes it easier for context-dependent attackers to successfully conduct brute-force password attacks.

Vulnerable Systems

Operating System

  • Ubuntu Linux 8.10



XF - stb-password-weak-security(50435)

UBUNTU - USN-663-1

SECUNIA - 32566

OSVDB - 50037

Last Updated: 27 May 2016 10:49:20