CVE-2008-3188

EPSS 0.71%
Published 22.07.2008 16:41:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

libxcrypt in SUSE openSUSE 11.0 uses the DES algorithm when the configuration specifies the MD5 algorithm, which makes it easier for attackers to conduct brute-force attacks against hashed passwords.

Affected products Warnungen 0 Metrics 3 CWE 1 References 9

Data is provided by the National Vulnerability Database (NVD)

Opensuse ≫ Opensuse Version11.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.71%	0.713

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

CWE-327 Use of a Broken or Risky Cryptographic Algorithm

The product uses a broken or risky cryptographic algorithm or protocol.

http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html

Vendor Advisory

Mailing List

http://secunia.com/advisories/31339

Third Party Advisory

Broken Link

http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00008.html

Vendor Advisory

Mailing List

http://secunia.com/advisories/31096

Third Party Advisory

Broken Link

http://www.securityfocus.com/bid/30301

Third Party Advisory

Broken Link

VDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/43927

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2008-3188

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-3188

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-3188

EUVD