CVE-2008-3188 Information

Description

libxcrypt in SUSE openSUSE 11.0 uses the DES algorithm when the configuration specifies the MD5 algorithm which makes it easier for attackers to conduct brute-force attacks against hashed passwords.

Reference

http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html http://secunia.com/advisories/31096 http://secunia.com/advisories/31339 http://www.securityfocus.com/bid/30301 https://exchange.xforce.ibmcloud.com/vulnerabilities/43927