7.5

CVE-2008-3188

libxcrypt in SUSE openSUSE 11.0 uses the DES algorithm when the configuration specifies the MD5 algorithm, which makes it easier for attackers to conduct brute-force attacks against hashed passwords.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OpensuseOpensuse Version11.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.5% 0.709
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
CWE-327 Use of a Broken or Risky Cryptographic Algorithm

The product uses a broken or risky cryptographic algorithm or protocol.

http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html
Vendor Advisory
Mailing List
http://secunia.com/advisories/31339
Third Party Advisory
Broken Link
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00008.html
Vendor Advisory
Mailing List
http://secunia.com/advisories/31096
Third Party Advisory
Broken Link
http://www.securityfocus.com/bid/30301
Third Party Advisory
Broken Link
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/43927
Third Party Advisory
VDB Entry