CVE-2008-6792
Severity CVSS v4.0:
Pending analysis
Type:
CWE-310
Cryptographic Issues
Publication date:
07/05/2009
Last modified:
09/04/2025
Description
system-tools-backends before 2.6.0-1ubuntu1.1 in Ubuntu 8.10, as used by "Users and Groups" in GNOME System Tools, hashes account passwords with 3DES and consequently limits effective password lengths to eight characters, which makes it easier for context-dependent attackers to successfully conduct brute-force password attacks.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:ubuntu:linux:8.10:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://osvdb.org/50037
- http://secunia.com/advisories/32566
- http://www.ubuntu.com/usn/usn-663-1
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50435
- https://launchpad.net/bugs/287134
- http://osvdb.org/50037
- http://secunia.com/advisories/32566
- http://www.ubuntu.com/usn/usn-663-1
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50435
- https://launchpad.net/bugs/287134