ID | CVE-2009-4269 | ||||||
Sažetak | The password hash generation algorithm in the BUILTIN authentication functionality for Apache Derby before 10.6.1.0 performs a transformation that reduces the size of the set of inputs to SHA-1, which produces a small search space that makes it easier for local and possibly remote attackers to crack passwords by generating hash collisions, related to password substitution. | ||||||
Reference |
|
||||||
CVSS |
|
||||||
Pristup |
|
||||||
Impact |
|
||||||
CVSS vektor | AV:L/AC:L/Au:N/C:P/I:N/A:N | ||||||
Zadnje važnije ažuriranje | 26-01-2011 - 06:41 | ||||||
Objavljeno | 16-08-2010 - 20:00 |