htpasswd weakness

AK's weblog

Sunday, September 26. 2004

htpasswd weakness

Just for the records: I noticed a salt generation weakness in htpasswd when using it in MD5 mode and reported it to the Apache developers.

Update: nobody replied to my email, so I went to the Apache website where found out that you now need to submit patches via their BTS. gna Well, I did that too.

Posted by admin in Hacks & Code at 19:50 | Comments (0) | Trackbacks (0)

Trackbacks

Trackback specific URI for this entry

No Trackbacks

Comments

Display comments as (Linear | Threaded)

No comments

Add Comment

Name
Email
Homepage
In reply to
Comment	Enclosing asterisks marks text as bold (word), underscore are made via _word_. Standard emoticons like :-) and ;-) are converted to images. You can use [geshi lang=lang_name [,ln={y\|n}]][/geshi] tags to embed source code snippets. To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly. Enter the string from the spam-prevention image above:
	Remember Information? Subscribe to this entry

Calendar

Quicksearch

Archives

Buttons

Syndicate This Blog

Blog Administration

Open login screen

Powered by

Serendipity PHP Weblog

Links

Blogroll

• xkcd.com
• Planet Debian
• MY POV ([expect the unexpected])
• C skills
• Planet Erlang / Published News
• armstrong on software
• Photos from akrennmair
• Das Metalab informiert
• dive into mark
• /usr/local/bin
• F!XMBR
• heise online News (full feed)
• JLog
• SecuriTeam Blogs
• .:Computer Defense:.
• Riot Porn
• Chaosradio
• Radiomultikulti vom RBB: Russendisko unplugged
• AK's weblog
• The Recurity Lablog
• milw0rm.com
• seclog.de
• ilja's blag
• udo.kernecker.at - mein leben als prinzregent... ;-)
• grabnerandi.at diary feed
• Hilli's WebLog
• accidents waiting to happen
• Venzi's Weblog
• TaoSecurity
• Irrlicht3d.org
• murphee's Rant
• waiterrant.net
• grml development blog
• mutt Changelog
• nion's blog
• Wannabe Everything
• blog@bytelabs
• Knowledge Brings Fear
• Die wunderbare Welt von Isotopp
• Fefes Blog
• law blog
• mikas blog
• BILDblog
• GoogleWatchBlog
• Krone - Blog
• The Lunatic Fringe
• mp's blog
• Su-Shee 2.0
• Sex, Drugs & Compiler Construction
• Qbi's Weblog
• gedankensplitter
• Ohns Gehirnschleimschmiede
• fh
• Clifford Wolf's Blog
• AK's moblog
• Telepolis News
• Slashdot
• Newssystem von bundesheer.at
• Riding Rails - home
• Serendipity
• O'Reilly Ruby
• CCC Events Weblog
• del.icio.us/dubrider
• del.icio.us/timpritlove
• del.icio.us/ak
• del.icio.us/mika
• AK's Soup
• Friends of ak
• Astronomy Picture of the Day
• german-bash.org - Die neuesten Zitate
• QDB
• WeirdWeirdWorld Latest Feed
• I CAN HAS CHEEZBURGER?
• The Trailer Mash
• Cruel.Com
• fun.drno.de
• Peter Pilz grüner Sicherheitssprecher Österreich Wien
• NPD-BLOG.INFO
• INSM Watchblog
• Hitler-Blog
• Everybody loves Eric Raymond
• Dilbert