Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown

CVE-2011-3268

Disclosure Date: August 25, 2011 (last updated October 04, 2023)
Buffer overflow in the crypt function in PHP before 5.3.7 allows context-dependent attackers to have an unspecified impact via a long salt argument, a different vulnerability than CVE-2011-2483.
0
Attacker Value
Unknown

CVE-2011-2483

Disclosure Date: August 25, 2011 (last updated October 26, 2023)
crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain platforms, PostgreSQL before 8.4.9, and other products, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash.
0
Attacker Value
Unknown

CVE-2011-3189

Disclosure Date: August 25, 2011 (last updated October 04, 2023)
The crypt function in PHP 5.3.7, when the MD5 hash type is used, returns the value of the salt argument instead of the hashed string, which might allow remote attackers to bypass authentication via an arbitrary password, a different vulnerability than CVE-2011-2483.
0