Computer Security
[EN] securityvulns.ru no-pyccku


Apache CouchDB timing attack
Published:05.04.2010
Source:
SecurityVulns ID:10742
Type:remote
Threat Level:
5/10
Description:Password validation algorythm allows to guess matching part.
Affected:APACHE : CouchDB 0.10
CVE:CVE-2010-0009 (Apache CouchDB 0.8.0 through 0.10.1 allows remote attackers to obtain sensitive information by measuring the completion time of operations that verify (1) hashes or (2) passwords.)
Original documentdocumentAPACHE, [SECURITY] CVE-2008-2370: Apache CouchDB Timing Attack Vulnerability (05.04.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod