DEBIAN-CVE-2011-2483

DEBIAN-CVE-2011-2483 PUBLISHED

crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain platforms, PostgreSQL before 8.4.9, and other products, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash.

Affected Products

Vendor	Product	Versions
Debian:11	libxcrypt	0, 0, 0
Debian:12	libxcrypt	0, 0, 0
Debian:13	libxcrypt	0, 0, 0
Debian:14	libxcrypt	0, 0, 0

Timeline

Aug 25, 2011 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2011-2483 advisory

Open in Interactive Console →