Oval Definition:
oval:org.mitre.oval:def:18286
Revision Date
:
2014-06-23
Version
:
8
Title
:
DSA-2340-1 postgresql - weak password hashing
Description
:
magnum discovered that the blowfish password hashing used amongst others in PostgreSQL contained a weakness that would give passwords with 8 bit characters the same hash as weaker equivalents.
Family
:
unix
Class
:
patch
Status
:
ACCEPTED
Reference(s)
:
CVE-2011-2483
DSA-2340-1
Platform(s)
:
Debian GNU/kFreeBSD 6.0
Debian GNU/Linux 5.0
Debian GNU/Linux 6.0
Product(s)
:
postgresql-8.3
postgresql-8.4
Definition Synopsis
Release section
Debian 6.0 is installed
AND
GNU/Linux or GNU/kFreeBSD kernel
Debian GNU/Linux is installed
OR
Debian GNU/kFreeBSD is installed
AND
postgresql-8.4 DPKG is earlier than 8.4.9-0squeeze1
Release section
Debian GNU/Linux 5.0 is installed
AND
postgresql-8.3 DPKG is earlier than 8.3.16-0lenny1
BACK