Bug 935773 (CVE-2015-0886) - VUL-0: CVE-2015-0886: rubygem-bcrypt-ruby: jBCrypt: integer overflow in the crypt_raw method
Summary: VUL-0: CVE-2015-0886: rubygem-bcrypt-ruby: jBCrypt: integer overflow in the ...
Status: RESOLVED INVALID
Alias: CVE-2015-0886
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Version: unspecified
Hardware: Other Other
Importance: P3 - Medium : Minor
Target Milestone: ---
Assignee: Ruby Devel
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/114342/
Whiteboard: CVSSv2:NVD:CVE-2015-0886:5.0:(AV:N/AC...
Keywords:
Depends on:
Blocks:
 
Reported: 2015-06-23 15:10 UTC by Marcus Meissner
Modified: 2016-04-27 19:25 UTC
CC List: 2 users

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Description Marcus Meissner 2015-06-23 15:10:08 UTC
via rh bugzilla https://bugzilla.redhat.com/show_bug.cgi?id=1197815

Integer overflow in the crypt_raw method in the key-stretching implementation in
jBCrypt before 0.4 makes it easier for remote attackers to determine cleartext
values of password hashes via a brute-force attack against hashes associated
with the maximum exponent.

References:

http://jvn.jp/en/jp/JVN77718330/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000033
http://www.mindrot.org/projects/jBCrypt/news/rel04.html
https://bugzilla.mindrot.org/show_bug.cgi?id=2097
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151797.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151786.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151496.html
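The mechanism behind the CVE, as an added worked example (this is not jBCrypt's or bcrypt-ruby's own code): jBCrypt computed the number of key-stretching rounds as `1 << log_rounds` in a Java `int`. For the maximum exponent, 31, that shift wraps to `Integer.MIN_VALUE`, so a loop bounded by `i < rounds` performs no stretching at all and the stored hash is far cheaper to brute-force than its cost field claims. The Ruby model below emulates Java's 32-bit signed arithmetic explicitly (Ruby integers do not overflow on their own), shows the 64-bit computation that avoids the wrap, and adds a scanner that flags stored bcrypt strings carrying cost 31. The exact loop shape is assumed from the CVE description, and the sample hash strings are constructed for the example, not real password hashes.

```ruby
# Added example: models the rounds computation in jBCrypt's key stretching
# with Java 32-bit int semantics. Not jBCrypt or bcrypt-ruby code.

# Wrap an arbitrary-precision Ruby Integer to a Java int (two's complement).
def to_int32(n)
  n &= 0xFFFF_FFFF
  n >= 2**31 ? n - 2**32 : n
end

def check_log_rounds(log_rounds)
  raise ArgumentError, "Bad number of rounds" if log_rounds < 4 || log_rounds > 31
end

# Vulnerable model: rounds = 1 << log_rounds held in a 32-bit int.
# Returns how many iterations a loop `for (i = 0; i < rounds; i++)` runs
# (loop shape assumed from the CVE description).
def stretch_iterations_int32(log_rounds)
  check_log_rounds(log_rounds)
  rounds = to_int32(1 << log_rounds)
  # 1 << 31 wraps to -2**31; a negative bound means zero iterations.
  rounds.negative? ? 0 : rounds
end

# Fixed model: rounds held in a 64-bit long (1L << log_rounds), where
# every permitted exponent up to 31 stays positive.
def stretch_iterations_int64(log_rounds)
  check_log_rounds(log_rounds)
  1 << log_rounds
end

# Table of actual vs. claimed iterations for each permitted exponent,
# useful to see where the 32-bit model diverges.
def stretching_table
  (4..31).map do |lr|
    { log_rounds: lr,
      claimed: 1 << lr,
      int32_actual: stretch_iterations_int32(lr),
      int64_actual: stretch_iterations_int64(lr) }
  end
end

# Parse the cost field from a modular-crypt bcrypt string such as
# "$2a$10$<22-char salt><31-char hash>". Returns nil for anything else.
def bcrypt_cost(hash)
  m = hash.match(/\A\$2[abxy]?\$(\d{2})\$[.\/A-Za-z0-9]{53}\z/)
  m && m[1].to_i
end

# Remediation check: hashes produced with cost 31 by an affected jBCrypt
# received no stretching and should be rehashed on next login.
def affected_hashes(hashes)
  hashes.select { |h| bcrypt_cost(h) == 31 }
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample strings (not real password hashes).
  stored = [
    "$2a$10$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy",
    "$2a$31$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy",
    "$2b$12$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy",
  ]
  stretching_table.last(2).each { |row| p row }
  puts "Hashes needing rehash: #{affected_hashes(stored).size}"
end
```

The table shows every exponent from 4 to 30 agreeing between the two models and only 31 collapsing to zero in the 32-bit model; the scanner is the practical follow-up, since hashes already stored with cost 31 stay weak even after upgrading the library.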
Comment 1 Swamp Workflow Management 2015-06-23 22:00:45 UTC
bugbot adjusting priority
Comment 2 Jordi Massaguer 2016-01-25 10:11:32 UTC
This affects the jruby implementation. We don't have jruby packages. Thus this bug does not apply.