|
|
Log in / Subscribe / Register

jBCrypt: integer overflow

Package(s):jBCrypt CVE #(s):CVE-2015-0886
Created:March 16, 2015 Updated:March 18, 2015
Description: From the CVE entry:

Integer overflow in the crypt_raw method in the key-stretching implementation in jBCrypt before 0.4 makes it easier for remote attackers to determine cleartext values of password hashes via a brute-force attack against hashes associated with the maximum exponent.

Alerts:
Fedora FEDORA-2015-2994 jBCrypt 2015-03-13
Fedora FEDORA-2015-3032 jBCrypt 2015-03-13
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds