VDB

CVE-2016-20013

CVE-2016-20013 PUBLISHED

sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password.

EPSS 0.31% · 54.3th percentile

Risk Scores

EPSS Score
0.31%
54.3th percentile

Affected Products

VendorProductVersions
Ubuntu:16.04:LTSsyslinux0, 3:6.03+dfsg-11ubuntu1, 3:6.03+dfsg-8ubuntu2
Ubuntu:Pro:18.04:LTSzabbix1:3.0.12+dfsg-1ubuntu0.1~esm4, *, *
Ubuntu:24.04:LTSdietlibc*, 0
Ubuntu:18.04:LTSsssd1.16.1-1ubuntu1.6, 1.16.1-1ubuntu1.8, 1.16.1-1ubuntu1.7
Ubuntu:16.04:LTSsssd1.12.5-2, 1.13.1-2, 1.13.2-1
Ubuntu:22.04:LTSsyslinux0, 3:6.04~git20190206.bf6db5b4+dfsg1-3ubuntu1
Ubuntu:24.04:LTSsssd0, 2.9.1-2ubuntu2, 2.9.1-2ubuntu3
Ubuntu:14.04:LTSsyslinux*, *, 0
Ubuntu:Pro:14.04:LTSeglibc2.19-0ubuntu4, 0, 2.18-0ubuntu1
Ubuntu:16.04:LTSdietlibc0, 0.33~cvs20120325-6, 0.33~cvs20120325-6+deb8u1build0.16.04.1
Ubuntu:22.04:LTSzabbix*, 0, 1:5.0.8+dfsg-1build1
Ubuntu:20.04:LTSsyslinux-legacy*, 0
Ubuntu:Pro:16.04:LTSglibc2.23-0ubuntu6, 2.23-0ubuntu5, *
Ubuntu:18.04:LTSsyslinux-legacy2:3.63+dfsg-2ubuntu9, 0
Ubuntu:22.04:LTSglibc2.35-0ubuntu3.1, 2.35-0ubuntu3.4, 2.35-0ubuntu1
Ubuntu:18.04:LTSdietlibc*, 0
Ubuntu:Pro:16.04:LTSzabbix1:2.4.7+dfsg-1, 1:2.4.7+dfsg-2ubuntu2.1, 1:2.4.7+dfsg-2ubuntu2.1+esm1
Ubuntu:Pro:20.04:LTSglibc2.30-0ubuntu2, 2.31-0ubuntu9.9, 2.31-0ubuntu9.12
Ubuntu:20.04:LTSdietlibc*, *, 0
Ubuntu:Pro:18.04:LTSglibc2.27-0ubuntu2, 2.26-0ubuntu2, *

…and 10 more

Timeline

  • Feb 19, 2022 EPSS Score
  • Feb 19, 2022 CVE Published
  • Apr 12, 2022 EPSS Score
  • Jun 3, 2022 EPSS Score
  • Jul 26, 2022 EPSS Score
  • Sep 16, 2022 EPSS Score
  • Nov 8, 2022 EPSS Score
  • Dec 30, 2022 EPSS Score
  • Feb 20, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Apr 13, 2023 EPSS Score
  • Jun 4, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›