cve/CVE-2013-1895.md at 48a00929accbe24477052d164512463a2824377a

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 01:04:30 +00:00

0xMarcio 49bdc782b3 Update Sun May 26 14:27:04 CEST 2024

2024-05-26 14:27:05 +02:00

Description

The py-bcrypt module before 0.3 for Python does not properly handle concurrent memory access, which allows attackers to bypass authentication via multiple authentication requests, which trigger the password hash to be overwritten.

POC

Reference

No PoCs from references.

Github

https://github.com/alanfairless/exploit-pybcrypt

715 B Raw Blame History

CVE-2013-1895

Description

POC

Reference

Github

715 B

Raw Blame History