Medium severity5.5NVD Advisory· Published Apr 4, 2006· Updated Apr 16, 2026

CVE-2006-1058

Description

BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local users to guess passwords from a stolen password file using techniques such as rainbow tables.

Affected products

Avaya/Aura Application Enablement Services2 versions
cpe:2.3:a:avaya:aura_application_enablement_services:4.01:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:avaya:aura_application_enablement_services:4.01:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_application_enablement_services:4.1:*:*:*:*:*:*:*
Avaya/Aura Sip Enablement Services
cpe:2.3:a:avaya:aura_sip_enablement_services:*:*:*:*:*:*:*:*
Range: <5.0
Avaya/Message Networking
cpe:2.3:a:avaya:message_networking:*:*:*:*:*:*:*:*
Avaya/Messaging Storage Server
cpe:2.3:a:avaya:messaging_storage_server:*:*:*:*:*:*:*:*
Range: >=3.0,<4.0
Busybox/Busybox
cpe:2.3:a:busybox:busybox:1.1.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/19477nvdBroken LinkVendor Advisory
support.avaya.com/elmodocs2/security/ASA-2007-250.htmnvdThird Party Advisory
www.securityfocus.com/bid/17330nvdBroken LinkThird Party AdvisoryVDB Entry
exchange.xforce.ibmcloud.com/vulnerabilities/25569nvdThird Party AdvisoryVDB Entry
bugs.busybox.net/view.phpnvdBroken Link
secunia.com/advisories/25098nvdBroken Link
secunia.com/advisories/25848nvdBroken Link
www.redhat.com/support/errata/RHSA-2007-0244.htmlnvdBroken Link
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9483nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.358
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000