Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-4440

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2013-4440
Last Modified 10 Sep 2015 11:26:24
Published 19 Dec 2014 10:59:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2013-4440

Summary

Password Generator (aka Pwgen) before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.

Vulnerable Systems

Application

  • Pwgen Project Pwgen 2.06


References

CONFIRM - http://sourceforge.net/p/pwgen/code/ci/00118ccac4656adb028504639b313d7b09e62b79/

MLIST - [oss-security] 20141015 Re: RESEND: CVE Request: pwgen

MLIST - [oss-security] 20140606 Re: CVE Request: pwgen

FEDORA - FEDORA-2014-16473

FEDORA - FEDORA-2014-16406

FEDORA - FEDORA-2014-16368

MANDRIVA - MDVSA-2015:008

CONFIRM - http://advisories.mageia.org/MGASA-2014-0535.html


Last Updated: 27 May 2016 11:08:12