SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Embedded Server/Appliance)  >   Nokia IPSO Vendors:   Check Point
(Check Point Issues Fix for Check Point IPSO) FreeBSD crypt(3) Hash Generation Error May Generate Incorrect Hashes
SecurityTracker Alert ID:  1027118
SecurityTracker URL:  http://securitytracker.com/id/1027118
CVE Reference:   CVE-2012-2143   (Links to External Site)
Date:  Jun 5 2012
Impact:   Modification of authentication information, Modification of system information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): IPSO 6.2
Description:   A vulnerability was reported in FreeBSD. The system may generate incorrect hashes. Check Point IPSO is affected.

When the crypt(3) system call is hashing data that contains a character with only the most significant bit set (0x80), that character and all subsequent characters are ignored.

Impact:   The system may generate incorrect hashes.
Solution:   Check Point has issued a hotfix for Check Point IPSO 6.2 (formerly Nokia IPSO).

The Check Point advisory is available at:

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk75640

Cause:   Input validation error, State error

Message History:   This archive entry is a follow-up to the message listed below.
Apr 30 2012 FreeBSD crypt(3) Hash Generation Error May Generate Incorrect Hashes



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC