CVE-2009-4269 - OpenCVE

The password hash generation algorithm in the BUILTIN authentication functionality for Apache Derby before 10.6.1.0 performs a transformation that reduces the size of the set of inputs to SHA-1, which produces a small search space that makes it easier for local and possibly remote attackers to crack passwords by generating hash collisions, related to password substitution.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:L/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Apache	Derby

Configuration 1 [-]

cpe:2.3:a:apache:derby:*:*:*:*:*:*:*:*

References

Link	Resource
http://blogs.sun.com/kah/entry/derby_10_6_1_has
http://db.apache.org/derby/releases/release-10.6.1.0.cgi#Fix+for+Security+Bug+CVE-2009-4269
http://marc.info/?l=apache-db-general&m=127428514905504&w=1
http://marcellmajor.com/derbyhash.html
http://secunia.com/advisories/42948
http://secunia.com/advisories/42970
http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html
http://www.securityfocus.com/bid/42637
http://www.securitytracker.com/id?1024977
http://www.vupen.com/english/advisories/2011/0149
https://issues.apache.org/jira/browse/DERBY-4483	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2010-08-16T19:00:00

Updated: 2011-01-22T10:00:00

Reserved: 2009-12-10T00:00:00

Link: CVE-2009-4269

JSON object: View

NVD Information

Status : Modified

Published: 2010-08-16T20:00:01.183

Modified: 2011-01-26T06:41:50.127

Link: CVE-2009-4269

JSON object: View

Redhat Information

No data.

CWE

CWE-310

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-05-19T00:00:00", "descriptions": [{"lang": "en", "value": "The password hash generation algorithm in the BUILTIN authentication functionality for Apache Derby before 10.6.1.0 performs a transformation that reduces the size of the set of inputs to SHA-1, which produces a small search space that makes it easier for local and possibly remote attackers to crack passwords by generating hash collisions, related to password substitution."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2011-01-22T10:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "[apache-db-general] 20100519 [ANNOUNCE] Apache Derby 10.6.1.0 released", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=apache-db-general&m=127428514905504&w=1"}, {"name": "42948", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/42948"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://issues.apache.org/jira/browse/DERBY-4483"}, {"tags": ["x_refsource_MISC"], "url": "http://blogs.sun.com/kah/entry/derby_10_6_1_has"}, {"name": "ADV-2011-0149", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0149"}, {"name": "42970", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/42970"}, {"tags": ["x_refsource_MISC"], "url": "http://marcellmajor.com/derbyhash.html"}, {"name": "1024977", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1024977"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://db.apache.org/derby/releases/release-10.6.1.0.cgi#Fix+for+Security+Bug+CVE-2009-4269"}, {"name": "42637", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/42637"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2009-4269", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The password hash generation algorithm in the BUILTIN authentication functionality for Apache Derby before 10.6.1.0 performs a transformation that reduces the size of the set of inputs to SHA-1, which produces a small search space that makes it easier for local and possibly remote attackers to crack passwords by generating hash collisions, related to password substitution."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[apache-db-general] 20100519 [ANNOUNCE] Apache Derby 10.6.1.0 released", "refsource": "MLIST", "url": "http://marc.info/?l=apache-db-general&m=127428514905504&w=1"}, {"name": "42948", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/42948"}, {"name": "https://issues.apache.org/jira/browse/DERBY-4483", "refsource": "CONFIRM", "url": "https://issues.apache.org/jira/browse/DERBY-4483"}, {"name": "http://blogs.sun.com/kah/entry/derby_10_6_1_has", "refsource": "MISC", "url": "http://blogs.sun.com/kah/entry/derby_10_6_1_has"}, {"name": "ADV-2011-0149", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0149"}, {"name": "42970", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/42970"}, {"name": "http://marcellmajor.com/derbyhash.html", "refsource": "MISC", "url": "http://marcellmajor.com/derbyhash.html"}, {"name": "1024977", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1024977"}, {"name": "http://db.apache.org/derby/releases/release-10.6.1.0.cgi#Fix+for+Security+Bug+CVE-2009-4269", "refsource": "CONFIRM", "url": "http://db.apache.org/derby/releases/release-10.6.1.0.cgi#Fix+for+Security+Bug+CVE-2009-4269"}, {"name": "42637", "refsource": "BID", "url": "http://www.securityfocus.com/bid/42637"}, {"name": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"}]}}}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2009-4269", "datePublished": "2010-08-16T19:00:00", "dateReserved": "2009-12-10T00:00:00", "dateUpdated": "2011-01-22T10:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:derby:*:*:*:*:*:*:*:*", "matchCriteriaId": "BA90C098-3409-4D76-997B-46E690C1F10A", "versionEndIncluding": "10.5.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The password hash generation algorithm in the BUILTIN authentication functionality for Apache Derby before 10.6.1.0 performs a transformation that reduces the size of the set of inputs to SHA-1, which produces a small search space that makes it easier for local and possibly remote attackers to crack passwords by generating hash collisions, related to password substitution."}, {"lang": "es", "value": "El algoritmo de generaci\u00f3n del hash de la contrase\u00f1a en la funcionalidad autenticaci\u00f3n BUILTIN de Apache Derby en versiones anteriores a la v10.6.1.0 realiza una transformaci\u00f3n que reduce el tama\u00f1o del conjunto de entrada a SHA-1, lo que produce un espacio de b\u00fasqueda peque\u00f1o que facilita a usuarios locales y, posiblemente, remotos romper contrase\u00f1as generando colisiones de hash, relacionado con la substituci\u00f3n de contrase\u00f1a."}], "evaluatorComment": "Per https://issues.apache.org/jira/browse/DERBY-4483, the reported version affected is 10.5.3.0. Unable to determine if affected versions exist between 10.5.3.0 and 10.6.1.0", "id": "CVE-2009-4269", "lastModified": "2011-01-26T06:41:50.127", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-08-16T20:00:01.183", "references": [{"source": "secalert@redhat.com", "url": "http://blogs.sun.com/kah/entry/derby_10_6_1_has"}, {"source": "secalert@redhat.com", "url": "http://db.apache.org/derby/releases/release-10.6.1.0.cgi#Fix+for+Security+Bug+CVE-2009-4269"}, {"source": "secalert@redhat.com", "url": "http://marc.info/?l=apache-db-general&m=127428514905504&w=1"}, {"source": "secalert@redhat.com", "url": "http://marcellmajor.com/derbyhash.html"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/42948"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/42970"}, {"source": "secalert@redhat.com", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/42637"}, {"source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1024977"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2011/0149"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://issues.apache.org/jira/browse/DERBY-4483"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-310"}], "source": "nvd@nist.gov", "type": "Primary"}]}