CVE-2011-0009

Severity

43%

Complexity

86%

Confidentiality

48%

Best Practical Solutions RT 3.x before 3.8.9rc2 and 4.x before 4.0.0rc4 uses the MD5 algorithm for password hashes, which makes it easier for context-dependent attackers to determine cleartext passwords via a brute-force attack on the database.

Best Practical Solutions RT 3.x before 3.8.9rc2 and 4.x before 4.0.0rc4 uses the MD5 algorithm for password hashes, which makes it easier for context-dependent attackers to determine cleartext passwords via a brute-force attack on the database.

CVSS 2.0 Base Score 4.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N).

Overview

Type

Best Practical Solutions RT

First reported 14 years ago

2011-01-25 19:00:00

Last updated 13 years ago

2011-07-20 04:00:00

Affected Software

Best Practical Solutions RT 3.0.0

3.0.0

Best Practical Solutions RT 3.0.1

3.0.1

Best Practical Solutions RT 3.0.2

3.0.2

Best Practical Solutions RT 3.0.3

3.0.3

Best Practical Solutions RT 3.0.4

3.0.4

Best Practical Solutions RT 3.0.5

3.0.5

Best Practical Solutions RT 3.0.6

3.0.6

Best Practical Solutions RT 3.0.7

3.0.7

Best Practical Solutions RT 3.0.7.1

3.0.7.1

Best Practical Solutions RT 3.0.8

3.0.8

Best Practical Solutions RT 3.0.9

3.0.9

Best Practical Solutions RT 3.0.10

3.0.10

Best Practical Solutions RT 3.0.10 Pre 1

3.0.10

Best Practical Solutions RT 3.0.10 Pre 2

3.0.10

Best Practical Solutions RT 3.0.10 Release Candidate 1

3.0.10

Best Practical Solutions RT 3.0.11

3.0.11

Best Practical Solutions RT 3.0.11 Release Candidate 2

3.0.11

Best Practical Solutions RT 3.0.11 Release Candidate 3

3.0.11

Best Practical Solutions RT 3.0.11 Release Candidate 4

3.0.11

Best Practical Solutions RT 3.0.12

3.0.12

Best Practical Solutions RT 3.1.2

3.1.2

Best Practical Solutions RT 3.1.3

3.1.3

Best Practical Solutions RT 3.1.4

3.1.4

Best Practical Solutions RT 3.1.5

3.1.5

Best Practical Solutions RT 3.1.6

3.1.6

Best Practical Solutions RT 3.1.7

3.1.7

Best Practical Solutions RT 3.1.8

3.1.8

Best Practical Solutions RT 3.1.10

3.1.10

Best Practical Solutions RT 3.1.11

3.1.11

Best Practical Solutions RT 3.1.12

3.1.12

Best Practical Solutions RT 3.1.13

3.1.13

Best Practical Solutions RT 3.1.14

3.1.14

Best Practical Solutions RT 3.1.15

3.1.15

Best Practical Solutions RT 3.1.16

3.1.16

Best Practical Solutions RT 3.1.17

3.1.17

Best Practical Solutions RT 3.2.0

3.2.0

Best Practical Solutions RT 3.2.0 Release Candidate 1

3.2.0

Best Practical Solutions RT 3.2.0 Release Candidate 2

3.2.0

Best Practical Solutions RT 3.2.0 Release Candidate 3

3.2.0

Best Practical Solutions RT 3.2.0 Release Candidate 4

3.2.0

Best Practical Solutions RT 3.2.1

3.2.1

Best Practical Solutions RT 3.2.1 Release Candidate 1

3.2.1

Best Practical Solutions RT 3.2.1 Release Candidate 2

3.2.1

Best Practical Solutions RT 3.2.1 Release Candidate 3

3.2.1

Best Practical Solutions RT 3.2.1 Release Candidate 4

3.2.1

Best Practical Solutions RT 3.2.2

3.2.2

Best Practical Solutions RT 3.2.2 Release Candidate 1

3.2.2

Best Practical Solutions RT 3.2.3

3.2.3

Best Practical Solutions RT 3.2.3 Release Candidate 1

3.2.3

Best Practical Solutions RT 3.2.3 Release Candidate 2

3.2.3

Best Practical Solutions RT 3.4.0

3.4.0

Best Practical Solutions RT 3.4.0 Release Candidate 1

3.4.0

Best Practical Solutions RT 3.4.0 Release Candidate 2

3.4.0

Best Practical Solutions RT 3.4.0 Release Candidate 3

3.4.0

Best Practical Solutions RT 3.4.0 Release Candidate 4

3.4.0

Best Practical Solutions RT 3.4.0 Release Candidate 5

3.4.0

Best Practical Solutions RT 3.4.0 Release Candidate 6

3.4.0

Best Practical Solutions RT 3.4.1

3.4.1

Best Practical Solutions RT 3.4.2

3.4.2

Best Practical Solutions RT 3.4.2 Release Candidate 1

3.4.2

Best Practical Solutions RT 3.4.2 Release Candidate 2

3.4.2

Best Practical Solutions RT 3.4.3

3.4.3

Best Practical Solutions RT 3.4.3 Release Candidate 1

3.4.3

Best Practical Solutions RT 3.4.3 Release Candidate 2

3.4.3

Best Practical Solutions RT 3.4.4

3.4.4

Best Practical Solutions RT 3.4.4 Pre 1

3.4.4

Best Practical Solutions RT 3.4.4 Pre 2

3.4.4

Best Practical Solutions RT 3.4.4 Pre 3

3.4.4

Best Practical Solutions RT 3.4.5

3.4.5

Best Practical Solutions RT 3.4.5 Pre 1

3.4.5

Best Practical Solutions RT 3.4.5 Release Candidate 1

3.4.5

Best Practical Solutions RT 3.4.5 Release Candidate 2

3.4.5

Best Practical Solutions RT 3.4.6

3.4.6

Best Practical Solutions RT 3.4.6 Release Candidate 1

3.4.6

Best Practical Solutions RT 3.4.6 Release Candidate 2

3.4.6

Best Practical Solutions RT 3.4.7 Release Candidate 1

3.4.7

Best Practical Solutions RT 3.5.1

3.5.1

Best Practical Solutions RT 3.5.2

3.5.2

Best Practical Solutions RT 3.5.3

3.5.3

Best Practical Solutions RT 3.5.4

3.5.4

Best Practical Solutions RT 3.5.5

3.5.5

Best Practical Solutions RT 3.5.6

3.5.6

Best Practical Solutions RT 3.5.7

3.5.7

Best Practical Solutions RT 3.6.0

3.6.0

Best Practical Solutions RT 3.6.0 Pre 0

3.6.0

Best Practical Solutions RT 3.6.0 Pre 1

3.6.0

Best Practical Solutions RT 3.6.0 Release Candidate 1

3.6.0

Best Practical Solutions RT 3.6.0 Release Candidate 2

3.6.0

Best Practical Solutions RT 3.6.0 Release Candidate 3

3.6.0

Best Practical Solutions RT 3.6.1

3.6.1

Best Practical Solutions RT 3.6.1 Pre 2

3.6.1

Best Practical Solutions RT 3.6.1 Release Candidate 1

3.6.1

Best Practical Solutions RT 3.6.1 Release Candidate 2

3.6.1

Best Practical Solutions RT 3.6.2

3.6.2

Best Practical Solutions RT 3.6.2 Release Candidate 1

3.6.2

Best Practical Solutions RT 3.6.2 Release Candidate 3

3.6.2

Best Practical Solutions RT 3.6.2 Release Candidate 4

3.6.2

Best Practical Solutions RT 3.6.2 Release Candidate 5

3.6.2

Best Practical Solutions RT 3.6.3

3.6.3

Best Practical Solutions RT 3.6.3 Release Candidate 1

3.6.3

Best Practical Solutions RT 3.6.3 Release Candidate 2

3.6.3

Best Practical Solutions RT 3.6.3 Release Candidate 3

3.6.3

Best Practical Solutions RT 3.6.3 Release Candidate 4

3.6.3

Best Practical Solutions RT 3.6.4

3.6.4

Best Practical Solutions RT 3.6.4 Release Candidate 1

3.6.4

Best Practical Solutions RT 3.6.4 Release Candidate 2

3.6.4

Best Practical Solutions RT 3.6.5

3.6.5

Best Practical Solutions RT 3.6.5 Release Candidate 1

3.6.5

Best Practical Solutions RT 3.6.5 Release Candidate 2

3.6.5

Best Practical Solutions RT 3.6.6

3.6.6

Best Practical Solutions RT 3.6.6 Release Candidate 1

3.6.6

Best Practical Solutions RT 3.6.6 Release Candidate 2

3.6.6

Best Practical Solutions RT 3.6.6 Release Candidate 3

3.6.6

Best Practical Solutions RT 3.6.7

3.6.7

Best Practical Solutions RT 3.6.8

3.6.8

Best Practical Solutions RT 3.6.9

3.6.9

Best Practical Solutions RT 3.7.1

3.7.1

Best Practical Solutions RT 3.7.5

3.7.5

Best Practical Solutions RT 3.7.80

3.7.80

Best Practical Solutions RT 3.7.85

3.7.85

Best Practical Solutions RT 3.7.86

3.7.86

Best Practical Solutions RT 3.8.0

3.8.0

Best Practical Solutions RT 3.8.0 Release Candidate 1

3.8.0

Best Practical Solutions RT 3.8.0 Release Candidate 2

3.8.0

Best Practical Solutions RT 3.8.0 Release Candidate 3

3.8.0

Best Practical Solutions RT 3.8.1

3.8.1

Best Practical Solutions RT 3.8.1 Release Candidate 1

3.8.1

Best Practical Solutions RT 3.8.1 Release Candidate 2

3.8.1

Best Practical Solutions RT 3.8.1 Release Candidate 3

3.8.1

Best Practical Solutions RT 3.8.1 Release Candidate 4

3.8.1

Best Practical Solutions RT 3.8.1 Release Candidate 5

3.8.1

Best Practical Solutions RT 3.8.2

3.8.2

Best Practical Solutions RT 3.8.2 Release Candidate 1

3.8.2

Best Practical Solutions RT 3.8.2 Release Candidate 2

3.8.2

Best Practical Solutions RT 3.8.3

3.8.3

Best Practical Solutions RT 3.8.3 Release Candidate 1

3.8.3

Best Practical Solutions RT 3.8.3 Release Candidate 2

3.8.3

Best Practical Solutions RT 3.8.4

3.8.4

Best Practical Solutions RT 3.8.4 Release Candidate 1

3.8.4

Best Practical Solutions RT 3.8.5

3.8.5

Best Practical Solutions RT 3.8.6

3.8.6

Best Practical Solutions RT 3.8.6 Release Candidate 1

3.8.6

Best Practical Solutions RT 3.8.7 Release Candidate 1

3.8.7

Best Practical Solutions RT 3.8.8 Release Candidate 2

3.8.8

Best Practical Solutions RT 3.8.8 Release Candidate 3

3.8.8

Best Practical Solutions RT 3.8.8 Release Candidate 4

3.8.8

Best Practical Solutions RT 4.0.0 Release Candidate 1

4.0.0

Best Practical Solutions RT 4.0.0 Release Candidate 2

4.0.0

Best Practical Solutions RT 4.0.0 Release Candidate 3

4.0.0

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610850

Patch

[rt-announce] 20110119 Security vulnerability in RT 3.0 and up

Patch

FEDORA-2011-1677

70661

43438

Vendor Advisory

DSA-2150

45959

ADV-2011-0190

Vendor Advisory

ADV-2011-0475

Vendor Advisory

ADV-2011-0576

Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=672250

Patch

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.