Published: 05/07/2012 Updated: 14/03/2024

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 385

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

The crypt_des (aka DES-based crypt) function in FreeBSD prior to 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent malicious users to obtain access via an authentication attempt with an initial substring of the intended password, as demonstrated by a Unicode password.

Vulnerable Product	Search on Vulmon	Subscribe to Product
postgresql postgresql
freebsd freebsd 5.2.1
freebsd freebsd 7.4
freebsd freebsd 6.1
freebsd freebsd 3.1
freebsd freebsd 6.4
freebsd freebsd 6.3
freebsd freebsd 2.2.5
freebsd freebsd 5.5
freebsd freebsd 8.2
freebsd freebsd 5.4
freebsd freebsd 5.3
freebsd freebsd 2.2.2
freebsd freebsd 2.1.7
freebsd freebsd 4.11
freebsd freebsd 2.0.5
freebsd freebsd 8.0
freebsd freebsd 1.1.5.1
freebsd freebsd 4.5
freebsd freebsd 4.7
freebsd freebsd 7.0
freebsd freebsd
freebsd freebsd 4.1
freebsd freebsd 2.2.8
freebsd freebsd 6.0
freebsd freebsd 4.4
freebsd freebsd 1.0
freebsd freebsd 5.1
freebsd freebsd 7.3
freebsd freebsd 2.2
freebsd freebsd 3.0
freebsd freebsd 5.2
freebsd freebsd 3.2
freebsd freebsd 1.1
freebsd freebsd 8.1
freebsd freebsd 2.1
freebsd freebsd 4.8
freebsd freebsd 4.2
freebsd freebsd 6.2
freebsd freebsd 2.2.6
freebsd freebsd 1.1.5
freebsd freebsd 2.1.6
freebsd freebsd 7.1
freebsd freebsd 7.2
freebsd freebsd 3.3
freebsd freebsd 4.0
freebsd freebsd 4.1.1
freebsd freebsd 4.6
freebsd freebsd 4.3
freebsd freebsd 4.10
freebsd freebsd 3.4
freebsd freebsd 3.5
freebsd freebsd 5.0
freebsd freebsd 2.1.5
freebsd freebsd 2.2.1
freebsd freebsd 4.9
freebsd freebsd 4.6.2
freebsd freebsd 2.2.7
freebsd freebsd 8.3
freebsd freebsd 2.0
php php
debian debian linux 6.0

Synopsis Moderate: postgresql security update Type/Severity Security Advisory: Moderate Topic Updated postgresql packages that fix one security issue are now availablefor Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as having moderatesecurity impact A Common Vulnerabi ...

Synopsis Moderate: php security update Type/Severity Security Advisory: Moderate Topic Updated php packages that fix multiple security issues are now availablefor Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as having moderatesecurity impact Common Vulnerability Scori ...

Synopsis Moderate: postgresql and postgresql84 security update Type/Severity Security Advisory: Moderate Topic Updated postgresql84 and postgresql packages that fix two security issuesare now available for Red Hat Enterprise Linux 5 and 6 respectivelyThe Red Hat Security Response Team has rated this update ...

Synopsis Moderate: php53 security update Type/Severity Security Advisory: Moderate Topic Updated php53 packages that fix multiple security issues are now availablefor Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as having moderatesecurity impact Common Vulnerability S ...

PostgreSQL could be made to crash or incorrectly handle authentication ...

Several security issues were fixed in PHP ...

A flaw was found in the way the crypt() password hashing function from the optional PostgreSQL pgcrypto contrib module performed password transformation when used with the DES algorithm If the password string to be hashed contained the 0x80 byte value, the remainder of the string was ignored when calculating the hash, significantly reducing the pa ...

Integer overflow in the phar_parse_tarfile function in tarc in the phar extension in PHP before 5314 and 54x before 544 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tar file that triggers a heap-based buffer overflow The crypt_des (aka DES-based crypt) function in ...

The crypt_des (aka DES-based crypt) function in FreeBSD before 90-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an authentication attempt with an initial substring of ...

CWE-310 http://www.postgresql.org/support/security/http://www.postgresql.org/docs/9.1/static/release-9-1-4.html http://git.postgresql.org/gitweb/?p=postgresql.git&a=commit&h=932ded2ed51e8333852e370c7a6dad75d9f236f9 http://www.postgresql.org/docs/8.3/static/release-8-3-19.html http://security.freebsd.org/advisories/FreeBSD-SA-12:02.crypt.asc https://bugzilla.redhat.com/show_bug.cgi?id=816956 http://www.postgresql.org/docs/8.4/static/release-8-4-12.html http://www.postgresql.org/docs/9.0/static/release-9-0-8.html http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00003.html http://www.mandriva.com/security/advisories?name=MDVSA-2012:092 http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082294.html http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082292.html http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082258.html http://www.debian.org/security/2012/dsa-2491 http://rhn.redhat.com/errata/RHSA-2012-1037.html http://www.securitytracker.com/id?1026995 http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html http://support.apple.com/kb/HT5501 http://lists.opensuse.org/opensuse-updates/2012-10/msg00024.html http://secunia.com/advisories/49304 http://lists.opensuse.org/opensuse-updates/2012-10/msg00013.html http://lists.opensuse.org/opensuse-updates/2012-09/msg00102.html http://secunia.com/advisories/50718 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=aab49e934de1fff046e659cbec46e3d053b41c34 https://nvd.nist.gov https://access.redhat.com/errata/RHSA-2012:1036 https://usn.ubuntu.com/1461-1/

Get Started

CVE-2012-2143

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect