What is the severity of CVE-2006-1058?

CVE-2006-1058 is considered a high severity vulnerability due to the lack of password salting, making it easier for attackers to exploit stolen password files.

How do I fix CVE-2006-1058?

To fix CVE-2006-1058, upgrade to a version of BusyBox that includes salt in password generation or implement an external solution that mitigates password cracking.

Who is affected by CVE-2006-1058?

CVE-2006-1058 affects systems running BusyBox version 1.1.1 and certain Avaya products that utilize BusyBox for password management.

What are the risks associated with CVE-2006-1058?

The risks associated with CVE-2006-1058 include unauthorized access to systems and data as attackers can easily crack unsalted passwords.

How can I mitigate the impact of CVE-2006-1058?

To mitigate the impact of CVE-2006-1058, consider using stronger password policies, multi-factor authentication, and regularly auditing password strength.

Vulnerability/
CVE-2006-1058

medium

5.5

CWE

NVD-CWE-Other 916

4/4/2006

7/8/2024

CVE-2006-1058

First published: Tue Apr 04 2006(Updated: )

BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local users to guess passwords from a stolen password file using techniques such as rainbow tables.

Credit: secalert@redhat.com secalert@redhat.com

Affected Software	Affected Version	How to fix
Busybox Busybox	=1.1.1
Avaya Aura Application Enablement Services	=4.01
Avaya Aura Application Enablement Services	=4.1
Avaya Aura SIP Enablement Services	<5.0
Avaya Message Networking
Avaya Messaging Storage Server	>=3.0<4.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2006-1058?
CVE-2006-1058 is considered a high severity vulnerability due to the lack of password salting, making it easier for attackers to exploit stolen password files.
How do I fix CVE-2006-1058?
To fix CVE-2006-1058, upgrade to a version of BusyBox that includes salt in password generation or implement an external solution that mitigates password cracking.
Who is affected by CVE-2006-1058?
CVE-2006-1058 affects systems running BusyBox version 1.1.1 and certain Avaya products that utilize BusyBox for password management.
What are the risks associated with CVE-2006-1058?
The risks associated with CVE-2006-1058 include unauthorized access to systems and data as attackers can easily crack unsalted passwords.
How can I mitigate the impact of CVE-2006-1058?
To mitigate the impact of CVE-2006-1058, consider using stronger password policies, multi-factor authentication, and regularly auditing password strength.

collector/nvd-historical
collector/nvd-index
agent/type
agent/author
agent/severity
agent/weakness
agent/references
agent/softwarecombine
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/busybox
canonical/busybox busybox
version/busybox busybox/1.1.1
vendor/avaya
canonical/avaya aura application enablement services
version/avaya aura application enablement services/4.01
version/avaya aura application enablement services/4.1
canonical/avaya aura sip enablement services
canonical/avaya message networking
canonical/avaya messaging storage server
version/avaya messaging storage server/3.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

Frequently Asked Questions

What is the severity of CVE-2006-1058?
CVE-2006-1058 is considered a high severity vulnerability due to the lack of password salting, making it easier for attackers to exploit stolen password files.
How do I fix CVE-2006-1058?
To fix CVE-2006-1058, upgrade to a version of BusyBox that includes salt in password generation or implement an external solution that mitigates password cracking.
Who is affected by CVE-2006-1058?
CVE-2006-1058 affects systems running BusyBox version 1.1.1 and certain Avaya products that utilize BusyBox for password management.
What are the risks associated with CVE-2006-1058?
The risks associated with CVE-2006-1058 include unauthorized access to systems and data as attackers can easily crack unsalted passwords.
How can I mitigate the impact of CVE-2006-1058?
To mitigate the impact of CVE-2006-1058, consider using stronger password policies, multi-factor authentication, and regularly auditing password strength.