Hi Martin,
On Tuesday 04 March 2008, Martin Steigerwald wrote:
> htpasswd does weak password salt generation.
the problem is not very severe. Unless an attacker wants to crack a
significant number of passwords that were created in the same second
(and therefore got the same salt), this weakness
Package: apache2-utils
Version: 2.2.3-4+etch4
Severity: normal
According to
https://issues.apache.org/bugzilla/show_bug.cgi?id=31440
and
http://www.heise.de/newsticker/meldung/103666/
(sorry german only, but does contain example how to reproduce the
problem)
htpasswd does weak password salt g
2 matches
Mail list logo
