CVE-2013-1053

Summary

In crypt.c of remote-login-service, the cryptographic algorithm used to cache usernames and passwords is insecure. An attacker could use this vulnerability to recover usernames and passwords from the file. This issue affects version 1.0.0-0ubuntu3 and prior versions.

Affected Software

VendorProductVersion RangeStatus
Canonicalremote-login-service1.0.0-0 <= 1.0.0-0ubuntu3affected

Weaknesses

  • CWE-261: CWE-261 Weak Cryptography for Passwords

ADP Enrichment

CVE Program Container

Additional References

References