Unrated severityNVD Advisory· Published Aug 25, 2011· Updated Apr 29, 2026
CVE-2011-2483
CVE-2011-2483
Description
crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain platforms, PostgreSQL before 8.4.9, and other products, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash.
Affected products
3Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
22- www.openwall.com/crypt/nvdMailing ListPatchThird Party Advisory
- www.php.net/archive/2011.phpnvdPatchVendor Advisory
- www.postgresql.org/docs/8.4/static/release-8-4-9.htmlnvdPatchVendor Advisory
- kb.juniper.net/InfoCenter/indexnvdThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2011-08/msg00015.htmlnvdThird Party Advisory
- php.net/security/crypt_blowfishnvdThird Party Advisory
- support.apple.com/kb/HT5130nvdThird Party Advisory
- www.debian.org/security/2011/dsa-2340nvdThird Party AdvisoryVDB Entry
- www.debian.org/security/2012/dsa-2399nvdThird Party AdvisoryVDB Entry
- www.php.net/ChangeLog-5.phpnvdThird Party Advisory
- www.securityfocus.com/bid/49241nvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-1229-1nvdThird Party Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/69319nvdThird Party AdvisoryVDB Entry
- freshmeat.net/projects/crypt_blowfishnvdBroken Link
- lists.apple.com/archives/security-announce/2012/Feb/msg00000.htmlnvdMailing List
- www.mandriva.com/security/advisoriesnvdBroken Link
- www.mandriva.com/security/advisoriesnvdBroken Link
- www.mandriva.com/security/advisoriesnvdBroken Link
- www.mandriva.com/security/advisoriesnvdBroken Link
- www.redhat.com/support/errata/RHSA-2011-1377.htmlnvdBroken Link
- www.redhat.com/support/errata/RHSA-2011-1378.htmlnvdBroken Link
- www.redhat.com/support/errata/RHSA-2011-1423.htmlnvdBroken Link
News mentions
0No linked articles in our index yet.