CVE-2011-0009
published 2011-01-25CVE-2011-0009: Best Practical Solutions RT 3.x before 3.8.9rc2 and 4.x before 4.0.0rc4 uses the MD5 algorithm for password hashes, which makes it easier for context-dependent…
PriorityP420medium4.3CVSS 2.0
AVNACMAuNCPINAN
EPSS
1.88%
76.8th percentile
Best Practical Solutions RT 3.x before 3.8.9rc2 and 4.x before 4.0.0rc4 uses the MD5 algorithm for password hashes, which makes it easier for context-dependent attackers to determine cleartext passwords via a brute-force attack on the database.
Affected
85 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| bestpractical | rt | <= 3.8.9 | — |
| bestpractical | rt | — | — |
| bestpractical | rt | — | — |
| bestpractical | rt | — | — |
| bestpractical | rt | — | — |
| bestpractical | rt | — | — |
| bestpractical | rt | — | — |
| bestpractical | rt | — | — |
| bestpractical | rt | — | — |
| bestpractical | rt | — | — |
| bestpractical | rt | — | — |
| bestpractical | rt | — | — |
| bestpractical | rt | — | — |
| bestpractical | rt | — | — |
| bestpractical | rt | — | — |
| bestpractical | rt | — | — |
| bestpractical | rt | — | — |
| bestpractical | rt | — | — |
| bestpractical | rt | — | — |
| bestpractical | rt | — | — |
| bestpractical | rt | — | — |
| bestpractical | rt | — | — |
| bestpractical | rt | — | — |
| bestpractical | rt | — | — |
| bestpractical | rt | — | — |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:P/I:N/A:N
osv4.3MEDIUM
vendor_debian4.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-pxc3-v4rj-fc78: The vulnerable-passwords script in Best Practical Solutions RT 3
ghsa_unreviewed·2022-05-17·CVSS 4.3
CVE-2011-2082 [MEDIUM] GHSA-pxc3-v4rj-fc78: The vulnerable-passwords script in Best Practical Solutions RT 3
The vulnerable-passwords script in Best Practical Solutions RT 3.x before 3.8.12 and 4.x before 4.0.6 does not update the password-hash algorithm for disabled user accounts, which makes it easier for context-dependent attackers to determine cleartext passwords, and possibly use these passwords after accounts are re-enabled, via a brute-force attack on the database. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-0009.
GHSA
GHSA-297v-jphp-x99g: Best Practical Solutions RT 3
ghsa_unreviewed·2022-05-03
CVE-2011-0009 [MEDIUM] GHSA-297v-jphp-x99g: Best Practical Solutions RT 3
Best Practical Solutions RT 3.x before 3.8.9rc2 and 4.x before 4.0.0rc4 uses the MD5 algorithm for password hashes, which makes it easier for context-dependent attackers to determine cleartext passwords via a brute-force attack on the database.
OSV
CVE-2011-2082: The vulnerable-passwords script in Best Practical Solutions RT 3
osv·2012-06-04·CVSS 4.3
CVE-2011-2082 [MEDIUM] CVE-2011-2082: The vulnerable-passwords script in Best Practical Solutions RT 3
The vulnerable-passwords script in Best Practical Solutions RT 3.x before 3.8.12 and 4.x before 4.0.6 does not update the password-hash algorithm for disabled user accounts, which makes it easier for context-dependent attackers to determine cleartext passwords, and possibly use these passwords after accounts are re-enabled, via a brute-force attack on the database. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-0009.
Debian
CVE-2011-2082: request-tracker4 - The vulnerable-passwords script in Best Practical Solutions RT 3.x before 3.8.12...
vendor_debian·2011·CVSS 4.3
CVE-2011-2082 [MEDIUM] CVE-2011-2082: request-tracker4 - The vulnerable-passwords script in Best Practical Solutions RT 3.x before 3.8.12...
The vulnerable-passwords script in Best Practical Solutions RT 3.x before 3.8.12 and 4.x before 4.0.6 does not update the password-hash algorithm for disabled user accounts, which makes it easier for context-dependent attackers to determine cleartext passwords, and possibly use these passwords after accounts are re-enabled, via a brute-force attack on the database. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-0009.
Scope: local
bookworm: resolved (fixed in 4.0.5-3)
bullseye: resolved (fixed in 4.0.5-3)
sid: resolved (fixed in 4.0.5-3)
No detection rules found.
No public exploits indexed.
Bugzilla
rt3: Multiple security flaws fixed in upstream v3.8.12 and v4.0.6 versions
bugzilla·2012-05-22·CVSS 4.3
CVE-2011-0009 [MEDIUM] rt3: Multiple security flaws fixed in upstream v3.8.12 and v4.0.6 versions
rt3: Multiple security flaws fixed in upstream v3.8.12 and v4.0.6 versions
Request Tracker (RT) upstream has announced upstream v3.8.12 and v4.0.6 versions:
http://blog.bestpractical.com/2012/05/security-vulnerabilities-in-rt.html
correcting the following security flaws:
The previously released tool to upgrade weak password hashes as part of CVE-2011-0009 was an incomplete fix and failed to upgrade passwords of disabled users. This release includes an updated version of the vulnerable-passwords tool, which should be run again to upgrade the remaining password hashes. CVE-2011-2082 is assigned to this vulnerability.
RT versions 3.0 and above contain a number of cross-site scripting (XSS) vulnerabilities which allow an attacker to run JavaScript with the user's credentials. CVE-2011-2083
Bugzilla
CVE-2011-0009 CVE-2011-1008 CVE-2011-1007 rt3 various flaws [epel-6]
bugzilla·2011-02-24·CVSS 4.3
CVE-2011-0009 [MEDIUM] CVE-2011-0009 CVE-2011-1008 CVE-2011-1007 rt3 various flaws [epel-6]
CVE-2011-0009 CVE-2011-1008 CVE-2011-1007 rt3 various flaws [epel-6]
epel-6 tracking bug for rt3: see blocks bug list for full details of the security issue(s).
This bug is never intended to be made public, please put any public notes
in the 'blocks' bugs.
[bug automatically created by: add-tracking-bugs]
Discussion:
Adding parent bug CVE-2011-1008
New bodhi update url:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=672250,679411
---
Adding parent bug CVE-2011-1007
New bodhi update url:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=672250,679411,679396
---
EPEL6 has 3.8.13, so this is resolved.
Bugzilla
CVE-2011-0009 RT3: Insecure hashing algorithm used for storage of user passwords [fedora-all]
bugzilla·2011-01-24·CVSS 4.3
CVE-2011-0009 [MEDIUM] CVE-2011-0009 RT3: Insecure hashing algorithm used for storage of user passwords [fedora-all]
CVE-2011-0009 RT3: Insecure hashing algorithm used for storage of user passwords [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include the bug IDs of the
respective parent bugs filed against the "Security Response" product.
Please mention CVE ids in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=672250
Please note: this iss
Bugzilla
CVE-2011-0009 RT3: Insecure hashing algorithm used for storage of user passwords
bugzilla·2011-01-24·CVSS 4.3
CVE-2011-0009 [MEDIUM] CVE-2011-0009 RT3: Insecure hashing algorithm used for storage of user passwords
CVE-2011-0009 RT3: Insecure hashing algorithm used for storage of user passwords
It was found that Request Tracker, a ticket tracking and management
system, stored user passwords in its database by using insufficiently
secure hashing algorithm. A local attacker, able to gain read access
to the RT's database could use this flaw to conduct brute force
password guessing attacks, potentially leading to disclosure of
users' passwords.
References:
[1] http://lists.bestpractical.com/pipermail/rt-announce/2011-January/000185.html
[2] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610850
[3] http://www.debian.org/security/2011/dsa-2150
RT Development Snapshots archive URL:
[4] http://download.bestpractical.com/pub/rt/devel/
Discussion:
This issue affects the versions of the rt3 package, as s
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610850http://lists.bestpractical.com/pipermail/rt-announce/2011-January/000185.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2011-March/054740.htmlhttp://osvdb.org/70661http://secunia.com/advisories/43438http://www.debian.org/security/2011/dsa-2150http://www.securityfocus.com/bid/45959http://www.vupen.com/english/advisories/2011/0190http://www.vupen.com/english/advisories/2011/0475http://www.vupen.com/english/advisories/2011/0576https://bugzilla.redhat.com/show_bug.cgi?id=672250https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3Ehttp://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610850http://lists.bestpractical.com/pipermail/rt-announce/2011-January/000185.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2011-March/054740.htmlhttp://osvdb.org/70661http://secunia.com/advisories/43438http://www.debian.org/security/2011/dsa-2150http://www.securityfocus.com/bid/45959http://www.vupen.com/english/advisories/2011/0190http://www.vupen.com/english/advisories/2011/0475http://www.vupen.com/english/advisories/2011/0576https://bugzilla.redhat.com/show_bug.cgi?id=672250https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
2011-01-25
Published