TITLE:
Openwall crypt_blowfish Salt Generation Weakness

SECUNIA ADVISORY ID:
SA18772

VERIFY ADVISORY:
http://secunia.com/advisories/18772/

CRITICAL:
Not critical

IMPACT:
Exposure of sensitive information

WHERE:
From remote

SOFTWARE:
Openwall crypt_blowfish 1.x
http://secunia.com/product/7829/

DESCRIPTION:
A weakness has been reported in Openwall crypt_blowfish, which
potentially can be exploited by malicious people to disclose certain
sensitive information.

The weakness is caused by signedness errors in crypt_gensalt.c. This
may cause certain extended-DES-based and MD5-based password hashes to
be generated using the same salt.

Successful exploitation allows the hashes to be tested against
candidate passwords at a faster effective rate.

The weakness has been reported in version 0.4.7 and prior.

SOLUTION:
Update to version 1.0
http://www.openwall.com/crypt/

PROVIDED AND/OR DISCOVERED BY:
The vendor credits Marko Kreen.

ORIGINAL ADVISORY:
http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/glibc/crypt_blowfish/crypt_gensalt.c?only_with_tag=CRYPT_BLOWFISH_1_0
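
The following added example illustrates how a signedness error in salt encoding can collapse different random inputs onto the same salt; it is not code from crypt_gensalt.c. The function names, the 3-byte to 4-character packing and the sample byte values are assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>
static const char itoa64[] =
    "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

/* Defective packing (assumed shape): each byte is sign-extended when widened,
 * so a byte >= 0x80 turns into 0xFF..80 and ORs ones over all higher bits. */
unsigned long pack_signed(const signed char in[3])
{
    return ((unsigned long)in[0] | ((unsigned long)in[1] << 8) |
            ((unsigned long)in[2] << 16)) & 0xFFFFFFUL;
}

/* Corrected packing: bytes are read as 0..255, so all 24 bits survive. */
unsigned long pack_unsigned(const unsigned char in[3])
{
    return (unsigned long)in[0] | ((unsigned long)in[1] << 8) |
           ((unsigned long)in[2] << 16);
}

/* Emit a 24-bit value as 4 salt characters, 6 bits each, low bits first. */
void encode24(unsigned long v, char out[5])
{
    for (int i = 0; i < 4; i++)
        out[i] = itoa64[(v >> (6 * i)) & 0x3f];
    out[4] = '\0';
}

/* Distinct salts over all 65536 values of bytes 1 and 2, with byte 0 fixed. */
unsigned distinct_salts(int use_signed, unsigned char b0)
{
    static unsigned char seen[1 << 16];
    unsigned count = 0;
    memset(seen, 0, sizeof seen);
    for (unsigned b1 = 0; b1 < 256; b1++)
        for (unsigned b2 = 0; b2 < 256; b2++) {
            unsigned char u[3] = { b0, (unsigned char)b1, (unsigned char)b2 };
            unsigned long v = use_signed ? pack_signed((const signed char *)u)
                                         : pack_unsigned(u);
            if (!seen[v >> 8]) { seen[v >> 8] = 1; count++; }
        }
    return count;
}

int main(void)
{
    printf("byte0=0x80: signed %u salts, unsigned %u salts\n",
           distinct_salts(1, 0x80), distinct_salts(0, 0x80));
    return 0;
}
```

Whether plain `char` is signed depends on the platform, so a defect of this kind shows up only where it is; the example uses `signed char` explicitly to make the behaviour reproducible.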