This means that the hash for username "foobar" with expiration "20080507" is the same as the hash for username "foo" with expiration "bar20080507".
Doesn't the "secret" that was concatenated at the end affect anything here? I suspect the explanation of the vulnerability misses some detail.
Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds