request-tracker: unsalted password hashing
| Package(s): | request-tracker3.6 | CVE #(s): | CVE-2011-0009 | ||||
| Created: | January 24, 2011 | Updated: | May 25, 2012 | ||||
| Description: | From the Debian advisory:
It was discovered that Request Tracker, an issue tracking system, stored passwords in its database by using an insufficiently strong hashing method. If an attacker would have access to the password database, he could decode the passwords stored in it. | ||||||
| Alerts: |
| ||||||