|
|
Apache htpasswd Password Entropy Weakness
|
Bugtraq ID:
|
8707
|
|
Class:
|
Design Error
|
|
CVE:
|
|
|
Remote:
|
Yes
|
|
Local:
|
Yes
|
|
Published:
|
Sep 25 2003 12:00AM
|
|
Updated:
|
Feb 15 2008 11:45PM
|
|
Credit:
|
The discovery of this weakness has been credited to Andreas Steinmetz <ast@domdv.de>.
|
|
Vulnerable:
|
Posadis Posadis 1.3.31
Apache Software Foundation Apache 2.2.6
Apache Software Foundation Apache 2.2.5
Apache Software Foundation Apache 2.2.4
Apache Software Foundation Apache 2.2.3
Apache Software Foundation Apache 2.2.2
Apache Software Foundation Apache 2.2 .0
Apache Software Foundation Apache 2.1.8
Apache Software Foundation Apache 2.1.7
Apache Software Foundation Apache 2.1.6
Apache Software Foundation Apache 2.1.5
Apache Software Foundation Apache 2.1.4
Apache Software Foundation Apache 2.1.3
Apache Software Foundation Apache 2.1.2
Apache Software Foundation Apache 2.1.1
Apache Software Foundation Apache 2.1
Apache Software Foundation Apache 2.0.59
Apache Software Foundation Apache 2.0.58
+
Debian Linux 3.1 sparc
+
Debian Linux 3.1 s/390
+
Debian Linux 3.1 ppc
+
Debian Linux 3.1 mipsel
+
Debian Linux 3.1 mips
+
Debian Linux 3.1 m68k
+
Debian Linux 3.1 ia-64
+
Debian Linux 3.1 ia-32
+
Debian Linux 3.1 hppa
+
Debian Linux 3.1 arm
+
Debian Linux 3.1 amd64
+
Debian Linux 3.1 alpha
+
Debian Linux 3.1
Apache Software Foundation Apache 2.0.56 -dev
Apache Software Foundation Apache 2.0.55
Apache Software Foundation Apache 2.0.54
+
Debian Linux 3.1 sparc
+
Debian Linux 3.1 s/390
+
Debian Linux 3.1 ppc
+
Debian Linux 3.1 mipsel
+
Debian Linux 3.1 mips
+
Debian Linux 3.1 m68k
+
Debian Linux 3.1 ia-64
+
Debian Linux 3.1 ia-32
+
Debian Linux 3.1 hppa
+
Debian Linux 3.1 arm
+
Debian Linux 3.1 amd64
+
Debian Linux 3.1 alpha
+
Debian Linux 3.1
Apache Software Foundation Apache 2.0.53
Apache Software Foundation Apache 2.0.52
+
Apple Mac OS X 10.3.6
+
Apple Mac OS X 10.2.8
+
Apple Mac OS X Server 10.3.6
+
Apple Mac OS X Server 10.2.8
+
RedHat Desktop 4.0
+
RedHat Enterprise Linux AS 4
+
RedHat Enterprise Linux ES 4
+
RedHat Enterprise Linux WS 4
+
Sun Solaris 10
Apache Software Foundation Apache 2.0.51
+
RedHat Fedora Core2
+
RedHat Fedora Core1
Apache Software Foundation Apache 2.0.50
+
MandrakeSoft Linux Mandrake 10.1 x86_64
+
MandrakeSoft Linux Mandrake 10.1
Apache Software Foundation Apache 2.0.49
+
S.u.S.E. Linux Personal 9.1
+
Trustix Secure Linux 2.1
+
Trustix Secure Linux 2.0
Apache Software Foundation Apache 2.0.48
+
MandrakeSoft Linux Mandrake 10.0 AMD64
+
MandrakeSoft Linux Mandrake 10.0
+
S.u.S.E. Linux 8.1
+
S.u.S.E. Linux Personal 9.0 x86_64
+
S.u.S.E. Linux Personal 9.0
+
S.u.S.E. Linux Personal 8.2
+
Trustix Secure Linux 2.1
+
Trustix Secure Linux 2.0
Apache Software Foundation Apache 2.0.47
+
Apple Mac OS X Server 10.3.5
+
Apple Mac OS X Server 10.3.4
+
Apple Mac OS X Server 10.3.3
+
Apple Mac OS X Server 10.3.2
+
Apple Mac OS X Server 10.3.1
+
Apple Mac OS X Server 10.3
+
Apple Mac OS X Server 10.2.8
+
Apple Mac OS X Server 10.2.7
+
Apple Mac OS X Server 10.2.6
+
Apple Mac OS X Server 10.2.5
+
Apple Mac OS X Server 10.2.4
+
Apple Mac OS X Server 10.2.3
+
Apple Mac OS X Server 10.2.2
+
Apple Mac OS X Server 10.2.1
+
Apple Mac OS X Server 10.2
+
Apple Mac OS X Server 10.1.5
+
Apple Mac OS X Server 10.1.4
+
Apple Mac OS X Server 10.1.3
+
Apple Mac OS X Server 10.1.2
+
Apple Mac OS X Server 10.1.1
+
Apple Mac OS X Server 10.1
+
MandrakeSoft Linux Mandrake 9.2 amd64
+
MandrakeSoft Linux Mandrake 9.2
+
MandrakeSoft Linux Mandrake 9.1 ppc
+
MandrakeSoft Linux Mandrake 9.1
Apache Software Foundation Apache 2.0.46
+
RedHat Desktop 3.0
+
RedHat Enterprise Linux AS 3
+
RedHat Enterprise Linux ES 3
+
RedHat Enterprise Linux WS 3
+
Trustix Secure Linux 2.0
Apache Software Foundation Apache 2.0.45
-
Apple Mac OS X 10.2.6
-
Apple Mac OS X 10.2.5
-
Apple Mac OS X 10.2.4
-
Apple Mac OS X 10.2.3
-
Apple Mac OS X 10.2.2
-
Apple Mac OS X 10.2.1
-
Apple Mac OS X 10.2
-
Apple Mac OS X 10.1.5
-
Apple Mac OS X 10.1.4
-
Apple Mac OS X 10.1.3
-
Apple Mac OS X 10.1.2
-
Apple Mac OS X 10.1.1
-
Apple Mac OS X 10.1
-
Apple Mac OS X 10.1
-
Apple Mac OS X 10.0.4
-
Apple Mac OS X 10.0.3
-
Apple Mac OS X 10.0.2
-
Apple Mac OS X 10.0.1
-
Apple Mac OS X 10.0
+
Conectiva Linux 9.0
Apache Software Foundation Apache 2.0.44
Apache Software Foundation Apache 2.0.43
Apache Software Foundation Apache 2.0.42
+
Gentoo Linux 1.4 _rc1
+
Gentoo Linux 1.2
Apache Software Foundation Apache 2.0.41
Apache Software Foundation Apache 2.0.40
+
RedHat Linux 9.0 i386
+
RedHat Linux 8.0
+
Terra Soft Solutions Yellow Dog Linux 3.0
Apache Software Foundation Apache 2.0.39
Apache Software Foundation Apache 2.0.38
Apache Software Foundation Apache 2.0.37
Apache Software Foundation Apache 2.0.36
Apache Software Foundation Apache 2.0.35
Apache Software Foundation Apache 2.0.32
Apache Software Foundation Apache 2.0.28 Beta
Apache Software Foundation Apache 2.0.28
Apache Software Foundation Apache 2.0 a9
Apache Software Foundation Apache 2.0
Apache Software Foundation Apache 1.3.39
Apache Software Foundation Apache 1.3.37
Apache Software Foundation Apache 1.3.36
Apache Software Foundation Apache 1.3.35 -dev
Apache Software Foundation Apache 1.3.35
Apache Software Foundation Apache 1.3.34
Apache Software Foundation Apache 1.3.33
+
Apple Mac OS X 10.3.6
+
Apple Mac OS X 10.2.8
+
Apple Mac OS X Server 10.3.6
+
Apple Mac OS X Server 10.2.8
+
Debian Linux 3.1 sparc
+
Debian Linux 3.1 s/390
+
Debian Linux 3.1 ppc
+
Debian Linux 3.1 mipsel
+
Debian Linux 3.1 mips
+
Debian Linux 3.1 m68k
+
Debian Linux 3.1 ia-64
+
Debian Linux 3.1 ia-32
+
Debian Linux 3.1 hppa
+
Debian Linux 3.1 arm
+
Debian Linux 3.1 amd64
+
Debian Linux 3.1 alpha
+
Debian Linux 3.1
Apache Software Foundation Apache 1.3.32
+
Gentoo Linux 1.4
+
Gentoo Linux
Apache Software Foundation Apache 1.3.31
+
OpenPKG OpenPKG Current
Apache Software Foundation Apache 1.3.29
+
Apple Mac OS X 10.3.5
+
Apple Mac OS X 10.2.7
+
Apple Mac OS X Server 10.3.5
+
Apple Mac OS X Server 10.2.7
+
MandrakeSoft Linux Mandrake 10.0 AMD64
+
MandrakeSoft Linux Mandrake 10.0
+
OpenPKG OpenPKG 2.0
Apache Software Foundation Apache 1.3.28
+
Conectiva Linux 8.0
+
MandrakeSoft Linux Mandrake 9.2 amd64
+
MandrakeSoft Linux Mandrake 9.2
+
OpenBSD OpenBSD 3.4
+
OpenPKG OpenPKG 1.3
Apache Software Foundation Apache 1.3.27
+
HP HP-UX (VVOS) 11.0 4
+
HP VirtualVault 4.6
+
HP VirtualVault 4.5
+
HP Webproxy 2.0
+
Immunix Immunix OS 7+
+
MandrakeSoft Linux Mandrake 9.1 ppc
+
MandrakeSoft Linux Mandrake 9.1
+
OpenBSD OpenBSD 3.3
+
OpenPKG OpenPKG Current
+
RedHat Enterprise Linux AS 2.1 IA64
+
RedHat Enterprise Linux AS 2.1
+
RedHat Enterprise Linux ES 2.1 IA64
+
RedHat Enterprise Linux ES 2.1
+
RedHat Enterprise Linux WS 2.1 IA64
+
RedHat Enterprise Linux WS 2.1
+
RedHat Linux Advanced Work Station 2.1
+
SGI IRIX 6.5.19
Apache Software Foundation Apache 1.3.9
+
Debian Linux 2.2 sparc
+
Debian Linux 2.2 powerpc
+
Debian Linux 2.2 arm
+
Debian Linux 2.2 alpha
+
Debian Linux 2.2 68k
+
Debian Linux 2.2
+
NetScreen NetScreen-Global PRO Express Policy Manager Server
+
NetScreen NetScreen-Global PRO Policy Manager Server
+
Sun Solaris 8_x86
+
Sun Solaris 8
+
Sun SunOS 5.8 _x86
+
Sun SunOS 5.8
Apache Software Foundation Apache 1.3.7 -dev
Apache Software Foundation Apache 1.3.6
+
Sun Cobalt ManageRaQ3 3000R-mr
+
Sun Cobalt RaQ3 3000R
+
Sun Cobalt Velociraptor
Apache Software Foundation Apache 1.3.4
+
BSDI BSD/OS 4.0
Apache Software Foundation Apache 1.3.3
+
RedHat Linux 5.2 sparc
+
RedHat Linux 5.2 i386
+
RedHat Linux 5.2 alpha
Apache Software Foundation Apache 2.3.38-dev
Apache Software Foundation Apache 2.2.7-dev
Apache Software Foundation Apache 2.2.6-dev
Apache Software Foundation Apache 2.2.5-dev
Apache Software Foundation Apache 2.0.62-dev
Apache Software Foundation Apache 2.0.61-dev
Apache Software Foundation Apache 2.0.60-dev
Apache Software Foundation Apache 1.3.40-dev
|
|
|
|
Not Vulnerable:
|
|
|
|
