icon

We found results for “

CVE-2009-4269

Good to know:

icon
icon

Date: August 16, 2010

The password hash generation algorithm in the BUILTIN authentication functionality for Apache Derby before 10.6.1.0 performs a transformation that reduces the size of the set of inputs to SHA-1, which produces a small search space that makes it easier for local and possibly remote attackers to crack passwords by generating hash collisions, related to password substitution.

Language: Java

Severity Score

Severity Score

Weakness Type (CWE)

Cryptographic Issues

CWE-310

Top Fix

icon

Upgrade Version

Upgrade to version 10.6.1.0

Learn More

CVSS v2

Base Score:
Access Vector (AV): LOCAL
Access Complexity (AC): LOW
Authentication (AU): NONE
Confidentiality (C): PARTIAL
Integrity (I): NONE
Availability (A): NONE
Additional information:

Do you need more information?

Contact Us