Vulnerabilities > CVE-2013-4441 - Improper Restriction of Excessive Authentication Attempts vulnerability in Pwgen Project Pwgen 2.06

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

pwgen-project

CWE-307

critical

NVD

Published: 2020-01-27

Updated: 2020-01-30

Summary

The Phonemes mode in Pwgen 2.06 generates predictable passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.

Vulnerable Configurations

Part	Description	Count
Application	Pwgen_Project Pwgen Project Pwgen 2.06	1

Common Weakness Enumeration (CWE)

CWE-307 - Improper Restriction of Excessive Authentication Attempts

References

http://www.openwall.com/lists/oss-security/2013/10/16/15
https://www.openwall.com/lists/oss-security/2012/01/22/6
http://www.openwall.com/lists/oss-security/2013/06/06/1
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726578