Description

PostgreSQL uses the username for a salt when generating passwords, which makes it easier for remote attackers to guess passwords via a brute force attack.

Remediation

References

CVE-2002-1657

Related Vulnerabilities

Magento CVE-2019-8125 Vulnerability (CVE-2019-8125)

Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-2289)

Joomla Inadequate Encryption Strength Vulnerability (CVE-2021-23126)

Joomla! Core 3.x.x Security Bypass (3.0.0 - 3.4.4)

Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3479)

Severity

Medium

Classification

CVE-2002-1657

Tags

Missing Update Known Vulnerabilities