FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2004-1143

This CVE name corresponds to:

Entered Topic
2005-06-01 mailman -- generated passwords are poor quality

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2004-1143
Phase Assigned(20041206)

Description

The password generation in mailman before 2.1.5 generates only 5 million unique passwords, which makes it easier for remote attackers to guess passwords via a brute force attack.

References

Source Reference
BUGTRAQ 20050110 [USN-59-1] mailman vulnerabilities
CONFIRM http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286796
SUSE SUSE-SA:2005:007
SECUNIA 13603
XF mailman-weak-encryption(18857)