CVE-2011-2082
First published: Mon Jun 04 2012(Updated: )
The vulnerable-passwords script in Best Practical Solutions RT 3.x before 3.8.12 and 4.x before 4.0.6 does not update the password-hash algorithm for disabled user accounts, which makes it easier for context-dependent attackers to determine cleartext passwords, and possibly use these passwords after accounts are re-enabled, via a brute-force attack on the database. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-0009.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Bestpractical Rt | =3.8.7 | |
| Bestpractical Rt | =3.5.5 | |
| Bestpractical Rt | =3.0.4 | |
| Bestpractical Rt | =3.2.1-rc1 | |
| Bestpractical Rt | =3.6.0-pre1 | |
| Bestpractical Rt | =3.8.9-rc2 | |
| Bestpractical Rt | =3.4.0-rc2 | |
| Bestpractical Rt | =3.0.8 | |
| Bestpractical Rt | =3.8.11 | |
| Bestpractical Rt | =3.4.2-rc2 | |
| Bestpractical Rt | =3.6.4-rc2 | |
| Bestpractical Rt | =3.8.8-rc2 | |
| Bestpractical Rt | =3.2.1-rc3 | |
| Bestpractical Rt | =3.8.9-rc1 | |
| Bestpractical Rt | =3.2.0-rc4 | |
| Bestpractical Rt | =3.1.2 | |
| Bestpractical Rt | =3.4.2-rc1 | |
| Bestpractical Rt | =3.6.6-rc1 | |
| Bestpractical Rt | =3.4.5 | |
| Bestpractical Rt | =3.0.2 | |
| Bestpractical Rt | =3.5.4 | |
| Bestpractical Rt | =3.6.7 | |
| Bestpractical Rt | =3.0.10-rc1 | |
| Bestpractical Rt | =3.6.2 | |
| Bestpractical Rt | =3.4.5-rc2 | |
| Bestpractical Rt | =3.2.2 | |
| Bestpractical Rt | =3.6.3 | |
| Bestpractical Rt | =3.1.6 | |
| Bestpractical Rt | =3.0.11 | |
| Bestpractical Rt | =3.8.2 | |
| Bestpractical Rt | =3.8.8-rc4 | |
| Bestpractical Rt | =3.6.2-rc1 | |
| Bestpractical Rt | =3.1.11 | |
| Bestpractical Rt | =3.6.0-pre0 | |
| Bestpractical Rt | =3.1.10 | |
| Bestpractical Rt | =3.0.10-pre2 | |
| Bestpractical Rt | =3.6.5-rc1 | |
| Bestpractical Rt | =3.6.0 | |
| Bestpractical Rt | =3.6.6-rc2 | |
| Bestpractical Rt | =3.8.0 | |
| Bestpractical Rt | =3.4.0-rc5 | |
| Bestpractical Rt | =3.4.0 | |
| Bestpractical Rt | =3.6.3-rc4 | |
| Bestpractical Rt | =3.8.1-rc1 | |
| Bestpractical Rt | =3.8.10 | |
| Bestpractical Rt | =3.1.7 | |
| Bestpractical Rt | =3.4.4-pre2 | |
| Bestpractical Rt | =3.8.3-rc1 | |
| Bestpractical Rt | =3.8.9 | |
| Bestpractical Rt | =3.1.13 | |
| Bestpractical Rt | =3.4.7-rc1 | |
| Bestpractical Rt | =3.4.0-rc3 | |
| Bestpractical Rt | =3.6.5-rc2 | |
| Bestpractical Rt | =3.8.2-rc2 | |
| Bestpractical Rt | =3.8.0-rc1 | |
| Bestpractical Rt | =3.4.0-rc4 | |
| Bestpractical Rt | =3.0.10 | |
| Bestpractical Rt | =3.8.8-rc3 | |
| Bestpractical Rt | =3.8.2-rc1 | |
| Bestpractical Rt | =3.6.10 | |
| Bestpractical Rt | =3.0.10-pre1 | |
| Bestpractical Rt | =3.1.16 | |
| Bestpractical Rt | =3.2.3 | |
| Bestpractical Rt | =3.2.2-rc1 | |
| Bestpractical Rt | =3.6.3-rc2 | |
| Bestpractical Rt | =3.5.3 | |
| Bestpractical Rt | =3.0.5 | |
| Bestpractical Rt | =3.2.0 | |
| Bestpractical Rt | =3.8.9-rc3 | |
| Bestpractical Rt | =3.0.0 | |
| Bestpractical Rt | =3.4.6 | |
| Bestpractical Rt | =3.0.3 | |
| Bestpractical Rt | =3.4.3 | |
| Bestpractical Rt | =3.6.9 | |
| Bestpractical Rt | =3.6.6 | |
| Bestpractical Rt | =3.6.1-rc2 | |
| Bestpractical Rt | =3.6.5 | |
| Bestpractical Rt | =3.8.1-rc3 | |
| Bestpractical Rt | =3.4.3-rc2 | |
| Bestpractical Rt | =3.4.0-rc6 | |
| Bestpractical Rt | =3.6.2-rc3 | |
| Bestpractical Rt | =3.4.5-pre1 | |
| Bestpractical Rt | =3.8.4-rc1 | |
| Bestpractical Rt | =3.0.1 | |
| Bestpractical Rt | =3.8.1-rc4 | |
| Bestpractical Rt | =3.4.4-pre3 | |
| Bestpractical Rt | =3.2.1 | |
| Bestpractical Rt | =3.8.5 | |
| Bestpractical Rt | =3.6.6-rc3 | |
| Bestpractical Rt | =3.2.3-rc2 | |
| Bestpractical Rt | =3.4.4 | |
| Bestpractical Rt | =3.0.11-rc4 | |
| Bestpractical Rt | =3.5.6 | |
| Bestpractical Rt | =3.6.4-rc1 | |
| Bestpractical Rt | =3.6.8 | |
| Bestpractical Rt | =3.0.6 | |
| Bestpractical Rt | =3.2.1-rc2 | |
| Bestpractical Rt | =3.8.1-rc5 | |
| Bestpractical Rt | =3.1.8 | |
| Bestpractical Rt | =3.4.6-rc2 | |
| Bestpractical Rt | =3.4.3-rc1 | |
| Bestpractical Rt | =3.6.3-rc1 | |
| Bestpractical Rt | =3.6.0-rc1 | |
| Bestpractical Rt | =3.8.6-rc1 | |
| Bestpractical Rt | =3.2.0-rc2 | |
| Bestpractical Rt | =3.1.12 | |
| Bestpractical Rt | =3.1.5 | |
| Bestpractical Rt | =3.8.8 | |
| Bestpractical Rt | =3.8.0-rc3 | |
| Bestpractical Rt | =3.8.0-rc2 | |
| Bestpractical Rt | =3.2.0-rc1 | |
| Bestpractical Rt | =3.1.17 | |
| Bestpractical Rt | =3.0.7 | |
| Bestpractical Rt | =3.2.0-rc3 | |
| Bestpractical Rt | =3.7.86 | |
| Bestpractical Rt | =3.0.7.1 | |
| Bestpractical Rt | =3.6.3-rc3 | |
| Bestpractical Rt | =3.7.80 | |
| Bestpractical Rt | =3.1.15 | |
| Bestpractical Rt | =3.0.12 | |
| Bestpractical Rt | =3.6.2-rc4 | |
| Bestpractical Rt | =3.0.9 | |
| Bestpractical Rt | =3.4.4-pre1 | |
| Bestpractical Rt | =3.8.3 | |
| Bestpractical Rt | =3.7.1 | |
| Bestpractical Rt | =3.1.3 | |
| Bestpractical Rt | =3.6.1 | |
| Bestpractical Rt | =3.4.0-rc1 | |
| Bestpractical Rt | =3.4.1 | |
| Bestpractical Rt | =3.4.5-rc1 | |
| Bestpractical Rt | =3.2.3-rc1 | |
| Bestpractical Rt | =3.8.6 | |
| Bestpractical Rt | =3.6.4 | |
| Bestpractical Rt | =3.5.7 | |
| Bestpractical Rt | =3.6.0-rc3 | |
| Bestpractical Rt | =3.8.1 | |
| Bestpractical Rt | =3.8.4 | |
| Bestpractical Rt | =3.7.5 | |
| Bestpractical Rt | =3.8.1-rc2 | |
| Bestpractical Rt | =3.7.85 | |
| Bestpractical Rt | =3.6.1-rc1 | |
| Bestpractical Rt | =3.8.3-rc2 | |
| Bestpractical Rt | =3.6.2-rc5 | |
| Bestpractical Rt | =3.4.6-rc1 | |
| Bestpractical Rt | =3.6.1-pre2 | |
| Bestpractical Rt | =3.0.11-rc2 | |
| Bestpractical Rt | =3.2.1-rc4 | |
| Bestpractical Rt | =3.5.2 | |
| Bestpractical Rt | =3.6.0-rc2 | |
| Bestpractical Rt | =3.1.4 | |
| Bestpractical Rt | =3.0.11-rc3 | |
| Bestpractical Rt | =3.8.7-rc1 | |
| Bestpractical Rt | =3.1.14 | |
| Bestpractical Rt | =3.4.2 | |
| Bestpractical Rt | =3.5.1 | |
| Bestpractical Rt | =4.0.0-rc4 | |
| Bestpractical Rt | =4.0.3 | |
| Bestpractical Rt | =4.0.0-rc7 | |
| Bestpractical Rt | =4.0.1 | |
| Bestpractical Rt | =4.0.0-rc3 | |
| Bestpractical Rt | =4.0.0-rc8 | |
| Bestpractical Rt | =4.0.0-rc6 | |
| Bestpractical Rt | =4.0.0-rc5 | |
| Bestpractical Rt | =4.0.4 | |
| Bestpractical Rt | =4.0.0-rc2 | |
| Bestpractical Rt | =4.0.0 | |
| Bestpractical Rt | =3.8.12 | |
| Bestpractical Rt | =4.0.2 | |
| Bestpractical Rt | =4.0.0-rc1 | |
| Bestpractical Rt | =4.0.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/last-modified-date
- agent/remedy
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/bestpractical
- canonical/bestpractical rt
- version/bestpractical rt/3.8.7
- version/bestpractical rt/3.5.5
- version/bestpractical rt/3.0.4
- version/bestpractical rt/3.2.1-rc1
- version/bestpractical rt/3.6.0-pre1
- version/bestpractical rt/3.8.9-rc2
- version/bestpractical rt/3.4.0-rc2
- version/bestpractical rt/3.0.8
- version/bestpractical rt/3.8.11
- version/bestpractical rt/3.4.2-rc2
- version/bestpractical rt/3.6.4-rc2
- version/bestpractical rt/3.8.8-rc2
- version/bestpractical rt/3.2.1-rc3
- version/bestpractical rt/3.8.9-rc1
- version/bestpractical rt/3.2.0-rc4
- version/bestpractical rt/3.1.2
- version/bestpractical rt/3.4.2-rc1
- version/bestpractical rt/3.6.6-rc1
- version/bestpractical rt/3.4.5
- version/bestpractical rt/3.0.2
- version/bestpractical rt/3.5.4
- version/bestpractical rt/3.6.7
- version/bestpractical rt/3.0.10-rc1
- version/bestpractical rt/3.6.2
- version/bestpractical rt/3.4.5-rc2
- version/bestpractical rt/3.2.2
- version/bestpractical rt/3.6.3
- version/bestpractical rt/3.1.6
- version/bestpractical rt/3.0.11
- version/bestpractical rt/3.8.2
- version/bestpractical rt/3.8.8-rc4
- version/bestpractical rt/3.6.2-rc1
- version/bestpractical rt/3.1.11
- version/bestpractical rt/3.6.0-pre0
- version/bestpractical rt/3.1.10
- version/bestpractical rt/3.0.10-pre2
- version/bestpractical rt/3.6.5-rc1
- version/bestpractical rt/3.6.0
- version/bestpractical rt/3.6.6-rc2
- version/bestpractical rt/3.8.0
- version/bestpractical rt/3.4.0-rc5
- version/bestpractical rt/3.4.0
- version/bestpractical rt/3.6.3-rc4
- version/bestpractical rt/3.8.1-rc1
- version/bestpractical rt/3.8.10
- version/bestpractical rt/3.1.7
- version/bestpractical rt/3.4.4-pre2
- version/bestpractical rt/3.8.3-rc1
- version/bestpractical rt/3.8.9
- version/bestpractical rt/3.1.13
- version/bestpractical rt/3.4.7-rc1
- version/bestpractical rt/3.4.0-rc3
- version/bestpractical rt/3.6.5-rc2
- version/bestpractical rt/3.8.2-rc2
- version/bestpractical rt/3.8.0-rc1
- version/bestpractical rt/3.4.0-rc4
- version/bestpractical rt/3.0.10
- version/bestpractical rt/3.8.8-rc3
- version/bestpractical rt/3.8.2-rc1
- version/bestpractical rt/3.6.10
- version/bestpractical rt/3.0.10-pre1
- version/bestpractical rt/3.1.16
- version/bestpractical rt/3.2.3
- version/bestpractical rt/3.2.2-rc1
- version/bestpractical rt/3.6.3-rc2
- version/bestpractical rt/3.5.3
- version/bestpractical rt/3.0.5
- version/bestpractical rt/3.2.0
- version/bestpractical rt/3.8.9-rc3
- version/bestpractical rt/3.0.0
- version/bestpractical rt/3.4.6
- version/bestpractical rt/3.0.3
- version/bestpractical rt/3.4.3
- version/bestpractical rt/3.6.9
- version/bestpractical rt/3.6.6
- version/bestpractical rt/3.6.1-rc2
- version/bestpractical rt/3.6.5
- version/bestpractical rt/3.8.1-rc3
- version/bestpractical rt/3.4.3-rc2
- version/bestpractical rt/3.4.0-rc6
- version/bestpractical rt/3.6.2-rc3
- version/bestpractical rt/3.4.5-pre1
- version/bestpractical rt/3.8.4-rc1
- version/bestpractical rt/3.0.1
- version/bestpractical rt/3.8.1-rc4
- version/bestpractical rt/3.4.4-pre3
- version/bestpractical rt/3.2.1
- version/bestpractical rt/3.8.5
- version/bestpractical rt/3.6.6-rc3
- version/bestpractical rt/3.2.3-rc2
- version/bestpractical rt/3.4.4
- version/bestpractical rt/3.0.11-rc4
- version/bestpractical rt/3.5.6
- version/bestpractical rt/3.6.4-rc1
- version/bestpractical rt/3.6.8
- version/bestpractical rt/3.0.6
- version/bestpractical rt/3.2.1-rc2
- version/bestpractical rt/3.8.1-rc5
- version/bestpractical rt/3.1.8
- version/bestpractical rt/3.4.6-rc2
- version/bestpractical rt/3.4.3-rc1
- version/bestpractical rt/3.6.3-rc1
- version/bestpractical rt/3.6.0-rc1
- version/bestpractical rt/3.8.6-rc1
- version/bestpractical rt/3.2.0-rc2
- version/bestpractical rt/3.1.12
- version/bestpractical rt/3.1.5
- version/bestpractical rt/3.8.8
- version/bestpractical rt/3.8.0-rc3
- version/bestpractical rt/3.8.0-rc2
- version/bestpractical rt/3.2.0-rc1
- version/bestpractical rt/3.1.17
- version/bestpractical rt/3.0.7
- version/bestpractical rt/3.2.0-rc3
- version/bestpractical rt/3.7.86
- version/bestpractical rt/3.0.7.1
- version/bestpractical rt/3.6.3-rc3
- version/bestpractical rt/3.7.80
- version/bestpractical rt/3.1.15
- version/bestpractical rt/3.0.12
- version/bestpractical rt/3.6.2-rc4
- version/bestpractical rt/3.0.9
- version/bestpractical rt/3.4.4-pre1
- version/bestpractical rt/3.8.3
- version/bestpractical rt/3.7.1
- version/bestpractical rt/3.1.3
- version/bestpractical rt/3.6.1
- version/bestpractical rt/3.4.0-rc1
- version/bestpractical rt/3.4.1
- version/bestpractical rt/3.4.5-rc1
- version/bestpractical rt/3.2.3-rc1
- version/bestpractical rt/3.8.6
- version/bestpractical rt/3.6.4
- version/bestpractical rt/3.5.7
- version/bestpractical rt/3.6.0-rc3
- version/bestpractical rt/3.8.1
- version/bestpractical rt/3.8.4
- version/bestpractical rt/3.7.5
- version/bestpractical rt/3.8.1-rc2
- version/bestpractical rt/3.7.85
- version/bestpractical rt/3.6.1-rc1
- version/bestpractical rt/3.8.3-rc2
- version/bestpractical rt/3.6.2-rc5
- version/bestpractical rt/3.4.6-rc1
- version/bestpractical rt/3.6.1-pre2
- version/bestpractical rt/3.0.11-rc2
- version/bestpractical rt/3.2.1-rc4
- version/bestpractical rt/3.5.2
- version/bestpractical rt/3.6.0-rc2
- version/bestpractical rt/3.1.4
- version/bestpractical rt/3.0.11-rc3
- version/bestpractical rt/3.8.7-rc1
- version/bestpractical rt/3.1.14
- version/bestpractical rt/3.4.2
- version/bestpractical rt/3.5.1
- version/bestpractical rt/4.0.0-rc4
- version/bestpractical rt/4.0.3
- version/bestpractical rt/4.0.0-rc7
- version/bestpractical rt/4.0.1
- version/bestpractical rt/4.0.0-rc3
- version/bestpractical rt/4.0.0-rc8
- version/bestpractical rt/4.0.0-rc6
- version/bestpractical rt/4.0.0-rc5
- version/bestpractical rt/4.0.4
- version/bestpractical rt/4.0.0-rc2
- version/bestpractical rt/4.0.0
- version/bestpractical rt/3.8.12
- version/bestpractical rt/4.0.2
- version/bestpractical rt/4.0.0-rc1
- version/bestpractical rt/4.0.5