CVE-2008-6792

Publication date 7 May 2009

Last updated 24 July 2024

Ubuntu priority

system-tools-backends before 2.6.0-1ubuntu1.1 in Ubuntu 8.10, as used by “Users and Groups” in GNOME System Tools, hashes account passwords with 3DES and consequently limits effective password lengths to eight characters, which makes it easier for context-dependent attackers to successfully conduct brute-force password attacks.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
system-tools-backends	9.04 jaunty	Not affected
	8.10 intrepid	Fixed 2.6.0-1ubuntu1.1
	8.04 LTS hardy	Not affected
	6.06 LTS dapper	Not affected

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2008-6792