QwikSec

Security Database

CVE

CWE

Training

CVE-2008-1883

Published: Apr 18, 2008

Modified: Aug 7, 2024

PUBLISHED

Description

The server in Blackboard Academic Suite 7.x stores MD5 password hashes that are provided directly by clients, which makes it easier for remote attackers to access accounts via a modified client that skips the javascript/md5.js hash calculation, and instead sends an arbitrary MD5 string.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.scribd.com/doc/2363025/Hacking-Blackboard-Academic-Suite

x_refsource_MISC

third-party-advisory

x_refsource_SREASON

http://secskill.wordpress.com/2008/03/27/hacking-blackboard-academic-suite-2/

x_refsource_MISC

20080326 Blackboard Academic Suite Multiple XSS Vulnerabilities

mailing-list

x_refsource_BUGTRAQ

blackboard-client-information-disclosure(41935)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.