libcrypt 'crypt()' Password Encryption Weakness
BID:53729
Info
libcrypt 'crypt()' Password Encryption Weakness
| Bugtraq ID: | 53729 |
| Class: | Design Error |
| CVE: |
CVE-2012-2143 |
| Remote: | Yes |
| Local: | Yes |
| Published: | May 30 2012 12:00AM |
| Updated: | Apr 13 2015 09:31PM |
| Credit: | Rubin Xu, Joseph Bonneau, Donting Yu |
| Vulnerable: |
Ubuntu Ubuntu Linux 8.04 LTS sparc Ubuntu Ubuntu Linux 8.04 LTS powerpc Ubuntu Ubuntu Linux 8.04 LTS lpia Ubuntu Ubuntu Linux 8.04 LTS i386 Ubuntu Ubuntu Linux 8.04 LTS amd64 Ubuntu Ubuntu Linux 12.04 LTS i386 Ubuntu Ubuntu Linux 12.04 LTS amd64 Ubuntu Ubuntu Linux 11.10 i386 Ubuntu Ubuntu Linux 11.10 amd64 Ubuntu Ubuntu Linux 11.04 powerpc Ubuntu Ubuntu Linux 11.04 i386 Ubuntu Ubuntu Linux 11.04 ARM Ubuntu Ubuntu Linux 11.04 amd64 Ubuntu Ubuntu Linux 10.04 sparc Ubuntu Ubuntu Linux 10.04 powerpc Ubuntu Ubuntu Linux 10.04 i386 Ubuntu Ubuntu Linux 10.04 ARM Ubuntu Ubuntu Linux 10.04 amd64 Turbolinux Client 2008 Turbolinux Appliance Server 3.0 x64 Turbolinux Appliance Server 3.0 Turbolinux 11 Server x64 Turbolinux 11 Server 0 SuSE SUSE Linux Enterprise Server for VMware 11 SP2 SuSE SUSE Linux Enterprise Server 11 SP2 SuSE SUSE Linux Enterprise SDK 11 SP2 Redhat Enterprise Linux Workstation Optional 6 Redhat Enterprise Linux Workstation 6 Redhat Enterprise Linux Server Optional 6 Redhat Enterprise Linux Server 6 Redhat Enterprise Linux HPC Node Optional 6 Redhat Enterprise Linux HPC Node 6 Redhat Enterprise Linux Desktop Workstation 5 client Redhat Enterprise Linux Desktop Optional 6 Redhat Enterprise Linux Desktop 6 Redhat Enterprise Linux Desktop 5 client Redhat Enterprise Linux 5 Server PostgreSQL PostgreSQL 9.1.3 PostgreSQL PostgreSQL 9.0.7 PostgreSQL PostgreSQL 9.0.3 PostgreSQL PostgreSQL 9.0.1 PostgreSQL PostgreSQL 9.0 PostgreSQL PostgreSQL 9.1 PostgreSQL PostgreSQL 9.0.1 PostgreSQL PostgreSQL 9.0 PHP PHP 5.4.3 PHP PHP 5.4.2 PHP PHP 5.4.1 PHP PHP 5.3.13 PHP PHP 5.3.12 PHP PHP 5.3.9 PHP PHP 5.3.8 PHP PHP 5.3.7 PHP PHP 5.3.6 PHP PHP 5.3.5 PHP PHP 5.3.2 PHP PHP 5.3.1 PHP PHP 5.3 PHP PHP 5.2.17 PHP PHP 5.2.15 PHP PHP 5.2.13 PHP PHP 5.2.12 PHP PHP 5.2.11 PHP PHP 5.2.10 PHP PHP 5.2.9 -2 PHP PHP 5.2.9 PHP PHP 5.2.8 PHP PHP 5.2.7 PHP PHP 5.2.6 PHP PHP 5.2.5 PHP PHP 5.2.4 PHP PHP 5.2.3 PHP PHP 5.2.2 PHP PHP 5.2.1 PHP PHP 5.1.6 PHP PHP 5.1.5 PHP PHP 5.1.4 PHP PHP 5.1.3 -RC1 PHP PHP 5.1.3 PHP PHP 5.1.2 PHP PHP 5.1.1 PHP PHP 5.1 PHP PHP 5.0.5 PHP PHP 5.0.4 PHP PHP 5.0.3 PHP PHP 5.0.2 PHP PHP 5.0.1 PHP PHP 5.0 candidate 3 PHP PHP 5.0 candidate 2 PHP PHP 5.0 candidate 1 PHP PHP 5.0 .0 PHP PHP 6.0 dev PHP PHP 6.0 PHP PHP 5.5.0-DEV PHP PHP 5.4SVN-2012-02-03 PHP PHP 5.4.1RC1-DEV PHP PHP 5.4.0beta2 PHP PHP 5.3.5 PHP PHP 5.3.4 RC1 PHP PHP 5.3.4 PHP PHP 5.3.3 PHP PHP 5.3.11 PHP PHP 5.3.10 PHP PHP 5.2.14 PHP PHP 5.2 Oracle Enterprise Linux 6.2 Oracle Enterprise Linux 6 Oracle Enterprise Linux 5 Mandriva Linux Mandrake 2011 x86_64 Mandriva Linux Mandrake 2011 Mandriva Linux Mandrake 2010.1 x86_64 Mandriva Linux Mandrake 2010.1 MandrakeSoft Enterprise Server 5 x86_64 MandrakeSoft Enterprise Server 5 libcrypt libcrypt 0 IBM Tivoli Netcool Performance Manager (TNPM Wireless) 1.2.1 Gentoo Linux FreeBSD FreeBSD 9.0-STABLE FreeBSD FreeBSD 9.0-RELEASE FreeBSD FreeBSD 9.0-RC3 FreeBSD FreeBSD 9.0-RC1 FreeBSD FreeBSD 8.3-STABLE FreeBSD FreeBSD 8.2-STABLE FreeBSD FreeBSD 8.2-STABLE FreeBSD FreeBSD 8.2-RELEASE-p2 FreeBSD FreeBSD 8.2-RELEASE-p1 FreeBSD FreeBSD 8.2 - RELEASE -p3 FreeBSD FreeBSD 8.2 FreeBSD FreeBSD 8.1-STABLE FreeBSD FreeBSD 8.1-RELENG FreeBSD FreeBSD 8.1-RELEASE-p5 FreeBSD FreeBSD 8.1-RELEASE-p4 FreeBSD FreeBSD 8.1-RELEASE-p1 FreeBSD FreeBSD 8.1-RELEASE FreeBSD FreeBSD 8.1-PRERELEASE FreeBSD FreeBSD 8.1 FreeBSD FreeBSD 7.4-STABLE FreeBSD FreeBSD 7.4-RELEASE-p2 FreeBSD FreeBSD 7.4 -RELEASE-p3 FreeBSD FreeBSD 7.4 Debian Linux 6.0 sparc Debian Linux 6.0 s/390 Debian Linux 6.0 powerpc Debian Linux 6.0 mips Debian Linux 6.0 ia-64 Debian Linux 6.0 ia-32 Debian Linux 6.0 arm Debian Linux 6.0 amd64 Check Point Software Check Point IPSO 6.2 Avaya Voice Portal 5.1 SP2 Avaya Voice Portal 5.1 SP1 Avaya Voice Portal 5.1 Avaya Voice Portal 5.0 SP2 Avaya Voice Portal 5.0 SP1 Avaya Voice Portal 5.0 Avaya Meeting Exchange 5.2 Avaya Meeting Exchange 5.1 Avaya Meeting Exchange 5.0 Avaya Conferencing Standard Edition 6.0 Avaya Aura System Manager 6.2 Avaya Aura System Manager 6.1.5 Avaya Aura System Manager 6.1.3 Avaya Aura System Manager 6.1.2 Avaya Aura System Manager 6.1.1 Avaya Aura System Manager 6.1 SP2 Avaya Aura System Manager 6.1 Sp1 Avaya Aura System Manager 6.1 Avaya Aura System Manager 6.0 SP1 Avaya Aura System Manager 6.0 Avaya Aura System Manager 5.2 Avaya Aura Session Manager 6.1.5 Avaya Aura Session Manager 6.1.3 Avaya Aura Session Manager 6.1.2 Avaya Aura Session Manager 6.1.1 Avaya Aura Session Manager 6.2 Avaya Aura Session Manager 6.1 Avaya Aura Session Manager 6.0 Avaya Aura Session Manager 5.2.1 Avaya Aura Session Manager 5.2 Avaya Aura Session Manager 1.1 Avaya Aura Presence Services 6.1.2 Avaya Aura Presence Services 6.1.1 Avaya Aura Presence Services 6.1 Avaya Aura Presence Services 6.0 Avaya Aura Experience Portal 6.0.1 Avaya Aura Communication Manager Utility Services 6.2 Avaya Aura Communication Manager Utility Services 6.1 Avaya Aura Application Enablement Services 5.2.1 Avaya Aura Application Enablement Services 6.1.1 Avaya Aura Application Enablement Services 6.1 Avaya Aura Application Enablement Services 5.2.3 Avaya Aura Application Enablement Services 5.2.2 Avaya Aura Application Enablement Services 5.2 Apple Mac OS X Server 10.7.5 Apple Mac OS X Server 10.7.3 Apple Mac OS X Server 10.7.2 Apple Mac OS X Server 10.7.1 Apple Mac OS X Server 10.7 Apple Mac OS X Server 10.6.8 Apple Mac OS X 10.8.1 Apple Mac OS X 10.8 Apple Mac OS X 10.7.4 Apple Mac OS X 10.7.3 Apple Mac OS X 10.7.2 Apple Mac OS X 10.7.1 Apple Mac OS X 10.7 Apple Mac OS X 10.6.8 |
| Not Vulnerable: |
PHP PHP 5.4.4 PHP PHP 5.3.14 Avaya Aura Session Manager 6.3 Apple Mac OS X 10.8.2 Apple Mac OS X 10.7.5 |
Discussion
libcrypt 'crypt()' Password Encryption Weakness
libcrypt is prone to a password-encryption weakness.
An attacker can leverage this issue to bypass authentication mechanism of application using the affected 'crypt()' function to encrypt its users' passwords. Successful exploits can aid in launching further attacks.
libcrypt is prone to a password-encryption weakness.
An attacker can leverage this issue to bypass authentication mechanism of application using the affected 'crypt()' function to encrypt its users' passwords. Successful exploits can aid in launching further attacks.
Exploit / POC
libcrypt 'crypt()' Password Encryption Weakness
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
libcrypt 'crypt()' Password Encryption Weakness
Solution:
Updates are available. Please see the references for more information.
Apple Mac OS X 10.6.8
Apple Mac OS X 10.7.3
MandrakeSoft Enterprise Server 5
Apple Mac OS X 10.8.1
Solution:
Updates are available. Please see the references for more information.
Apple Mac OS X 10.6.8
-
Apple SecUpd2012-004.dmg
For Mac OS X v10.6.8
http://www.apple.com/support/downloads/
Apple Mac OS X 10.7.3
-
Apple MacOSXUpdCombo10.7.5.dmg
For OS X Lion v10.7 and v10.7.3
http://www.apple.com/support/downloads/
MandrakeSoft Enterprise Server 5
-
Mandriva apache-mod_php-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libecpg8.3_6-8.3.19-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libphp5_common5-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libpq8.3_5-8.3.19-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-bcmath-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-bz2-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-calendar-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-cgi-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-cli-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-ctype-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-curl-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-dba-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-devel-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-doc-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-dom-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-enchant-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-exif-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-fileinfo-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-filter-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-fpm-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-ftp-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-gd-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-gettext-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-gmp-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-hash-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-iconv-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-imap-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-ini-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-intl-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-json-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-ldap-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-mbstring-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-mcrypt-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-mssql-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-mysql-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-mysqli-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-mysqlnd-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-odbc-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-openssl-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-pcntl-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-pdo-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-pdo_dblib-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-pdo_mysql-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-pdo_odbc-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-pdo_pgsql-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-pdo_sqlite-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-pgsql-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-phar-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-posix-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-pspell-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-readline-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-recode-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-session-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-shmop-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-snmp-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-soap-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-sockets-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-sqlite-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-sqlite3-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-sybase_ct-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-sysvmsg-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-sysvsem-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-sysvshm-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-tidy-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-tokenizer-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-wddx-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-xml-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-xmlreader-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-xmlrpc-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-xmlwriter-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-xsl-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-zip-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva php-zlib-5.3.14-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva postgresql8.3-8.3.19-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva postgresql8.3-contrib-8.3.19-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva postgresql8.3-devel-8.3.19-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva postgresql8.3-docs-8.3.19-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva postgresql8.3-pl-8.3.19-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva postgresql8.3-plperl-8.3.19-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva postgresql8.3-plpgsql-8.3.19-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva postgresql8.3-plpython-8.3.19-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva postgresql8.3-pltcl-8.3.19-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva postgresql8.3-server-8.3.19-0.1mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/
Apple Mac OS X 10.8.1
-
Apple OSXUpd10.8.2.dmg
For OS X Mountain Lion v10.8.1
http://www.apple.com/support/downloads/
References
libcrypt 'crypt()' Password Encryption Weakness
References:
References:
- Check Point response to CVE-2012-2143 (Check Point)
- Fix CVE-2012-2143 (PHP)
- Fix incorrect password transformation in contrib/pgcrypto's DES crypt() (PostgreSQL)
- libcrypt Homepage (libcrypt)
- PHP 5.4.4 and PHP 5.3.14 released! (PHP)
- Incorrect crypt() hashing (FreeBSD)
- ASA-2012-289 (Avaya)
- Bug 816956 - (CVE-2012-2143) CVE-2012-2143 BSD crypt(): DES encrypted password w (Red Hat)
- postgresql and postgresql84 security update (RHSA-2012-1037) (Avaya)
- postgresql security update (RHSA-2012-1036) (Avaya)
- Turbolinux Security Advisory TLSA-2012-16 (Turbolinux)