CVE-2002-1657 Information

Description

PostgreSQL uses the username for a salt when generating passwords which makes it easier for remote attackers to guess passwords via a brute force attack.

Reference

http://archives.postgresql.org/pgsql-admin/2002-08/msg00253.php http://marc.info/?l=bugtraq&m=111402558115859&w=2 http://marc.info/?l=bugtraq&m=111403050902165&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/20215