Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value


Disclosure Date: February 08, 2006 (last updated October 04, 2023)
The crypt_gensalt functions for BSDI-style extended DES-based and FreeBSD-sytle MD5-based password hashes in crypt_blowfish 0.4.7 and earlier do not evenly and randomly distribute salts, which makes it easier for attackers to guess passwords from a stolen password file due to the increased number of collisions.