CVE-2008-3188

EPSS 0.71%
Veröffentlicht 22.07.2008 16:41:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

libxcrypt in SUSE openSUSE 11.0 uses the DES algorithm when the configuration specifies the MD5 algorithm, which makes it easier for attackers to conduct brute-force attacks against hashed passwords.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Opensuse ≫ Opensuse Version11.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.71%	0.713

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

CWE-327 Use of a Broken or Risky Cryptographic Algorithm

The product uses a broken or risky cryptographic algorithm or protocol.

http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html

Vendor Advisory

Mailing List

http://secunia.com/advisories/31339

Third Party Advisory

Broken Link

http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00008.html

Vendor Advisory

Mailing List

http://secunia.com/advisories/31096

Third Party Advisory

Broken Link

http://www.securityfocus.com/bid/30301

Third Party Advisory

Broken Link

VDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/43927

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2008-3188

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-3188

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-3188

EUVD