search menu icon-carat-right cmu-wordmark

CERT Coordination Center


mkpasswd uses weak random number generator

Vulnerability Note VU#527736

Original Release Date: 2003-04-02 | Last Revised: 2003-04-11

Overview

Mkpasswd generates passwords that are insufficiently random.

Description

Mkpasswd is a password generation utility included with Red Hat Linux and possibly other Linux distributions. Mkpasswd generates passwords that are not sufficiently random, which may allow an attacker to predict passwords and consequently gain unauthorized access to other accounts on the system. This vulnerability occurs because mkpasswd uses the current process ID as the seed for the random number generator. Because of this, the number of passwords is limited to the size of the process table on the operating system.

Impact

An attacker may be able to predict passwords and consequently gain unauthorized access to other accounts on the system.

Solution

Apply a patch from your vendor.

Vendor Information

527736
Expand all

Red Hat Inc.

Updated:  April 02, 2003

Status

  Vulnerable

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Red Hat has fixed this problem. For details, please see Bugzilla Bug 9507.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Apple Computer Inc.

Updated:  April 03, 2003

Status

  Not Vulnerable

Vendor Statement

mkpasswd is not shipped with Mac OS X.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Foundry Networks Inc.

Updated:  April 04, 2003

Status

  Not Vulnerable

Vendor Statement

Foundry Networks do not use the mkpasswd utility in any of its products. Foundry products are not vulnerable.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Fujitsu

Updated:  April 10, 2003

Status

  Not Vulnerable

Vendor Statement

Fujitsu's UXP/V o.s. is not affected by the problem in VU#527736.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Hewlett-Packard Company

Updated:  April 03, 2003

Status

  Not Vulnerable

Vendor Statement

SOURCE:
Hewlett-Packard Company
HP Services
Software Security Response Team

Update 01

x-ref: SSRT3532

Hewlett Packard has investigated this report and find that:

HP-UX - not vulnerable
HP-MPE/ix - not vulnerable
HP Tru64 UNIX - not vulnerable
HP OpenVMS - not vulnerable
HP NonStop Servers - not vulnerable

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Hitachi

Updated:  April 11, 2003

Status

  Not Vulnerable

Vendor Statement

Hitachi's HI-UX/WE2 is NOT vulnerable, because it does not have mkpasswd.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.


CVSS Metrics

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A

References

Credit

This vulnerability was reported by Shez <shez@molions.com>.

This document was written by Ian A. Finlay.

Other Information

CVE IDs: None
Severity Metric: 7.03
Date Public: 2001-04-11
Date First Published: 2003-04-02
Date Last Updated: 2003-04-11 12:39 UTC
Document Revision: 19

Sponsored by the Department of Homeland Security Office of Cybersecurity and Communications.