Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Network Solutions Crypt-PW Authentication-Scheme vulnerability
From: Wichert Akkerman <wichert () wiggy net>
Date: Mon, 11 Jun 2001 01:18:25 +0200

Previously Peter van Dijk wrote:
crypt() passwords are never more than 8 characters - anything beyond
8 characters is discarded.

That highly depends on the crypt implementation. The original crypt
only used 8 characters, but modern implementations can use different
schemes (md5 for example).

Wichert.

-- 
  _________________________________________________________________
 /       Nothing is fool-proof to a sufficiently talented fool     \
| wichert () cistron nl                  http://www.liacs.nl/~wichert/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0  2805 3CB8 9250 2FA3 BC2D |


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]