New Search

BusyBox 1.1.1 does not use a salt when generating passwords which makes it easier for local users to guess passwords from a stolen password file using techniques such as rainbow tables.

oval:org.mitre.oval:def:9483

BusyBox 1.1.1 does not use a salt when generating passwords which makes it easier for local users to guess passwords from a stolen password file using techniques such as rainbow tables.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • CentOS Linux 4
  • Oracle Linux 4
  • Red Hat Enterprise Linux 4
Class:
vulnerability
Reference(s):
  • CVE-2006-1058
Product(s):