CVE-2012-3798 Information

Description

The Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal when creating a local user account allows attackers to obtain part of the initial input used to generate passwords which makes it easier to conduct brute force password guessing attacks.

Reference

http://drupal.org/node/1632702 http://drupal.org/node/1632704 http://drupal.org/node/1632734 http://osvdb.org/82957