CVE-2011-3189

Critical

Description

The crypt function in PHP 5.3.7, when the MD5 hash type is used, returns the value of the salt argument instead of the hashed string, which might allow remote attackers to bypass authentication via an arbitrary password, a different vulnerability than CVE-2011-2483.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/69429

https://bugs.gentoo.org/show_bug.cgi?id=380261

http://www.php.net/archive/2011.php#id2011-08-23-1

http://www.php.net/ChangeLog-5.php#5.3.8

http://www.openwall.com/lists/oss-security/2011/08/23/4

http://support.apple.com/kb/HT5130

http://secunia.com/advisories/45678

http://osvdb.org/74726

http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html

Details

Source: Mitre, NVD

Published: 2011-08-25

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical