CVE-2011-0009

N/A Unknown
Published: January 25, 2011 Modified: April 29, 2026
View on NVD

Description

Best Practical Solutions RT 3.x before 3.8.9rc2 and 4.x before 4.0.0rc4 uses the MD5 algorithm for password hashes, which makes it easier for context-dependent attackers to determine cleartext passwords via a brute-force attack on the database.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610850
Source: secalert@redhat.com
Patch
http://lists.bestpractical.com/pipermail/rt-announce/2011-January/000185.html
Source: secalert@redhat.com
Patch
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054740.html
Source: secalert@redhat.com
http://osvdb.org/70661
Source: secalert@redhat.com
http://secunia.com/advisories/43438
Source: secalert@redhat.com
Vendor Advisory
http://www.debian.org/security/2011/dsa-2150
Source: secalert@redhat.com
http://www.securityfocus.com/bid/45959
Source: secalert@redhat.com
http://www.vupen.com/english/advisories/2011/0190
Source: secalert@redhat.com
Vendor Advisory
http://www.vupen.com/english/advisories/2011/0475
Source: secalert@redhat.com
Vendor Advisory
http://www.vupen.com/english/advisories/2011/0576
Source: secalert@redhat.com
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=672250
Source: secalert@redhat.com
Patch
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
Source: secalert@redhat.com
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610850
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://lists.bestpractical.com/pipermail/rt-announce/2011-January/000185.html
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054740.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://osvdb.org/70661
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/43438
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.debian.org/security/2011/dsa-2150
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/45959
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2011/0190
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.vupen.com/english/advisories/2011/0475
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.vupen.com/english/advisories/2011/0576
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=672250
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
Source: af854a3a-2127-422b-91ae-364da2661108

24 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
1.9%
77th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-310

Affected Vendors

bestpractical

Related CVEs

CVE-2026-40941 N/A
CVE-2026-40084 6.5
CVE-2026-40083 7.2
CVE-2026-40082 5.4
CVE-2026-40080 6.1