{"id":"CVE-2006-1058","details":"BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local users to guess passwords from a stolen password file using techniques such as rainbow tables.","modified":"2026-01-27T04:06:28.582265Z","published":"2006-04-04T10:04:00Z","withdrawn":"2026-01-27T04:06:28.582265Z","references":[{"type":"ADVISORY","url":"http://secunia.com/advisories/19477"},{"type":"ADVISORY","url":"http://secunia.com/advisories/25098"},{"type":"ADVISORY","url":"http://secunia.com/advisories/25848"},{"type":"ADVISORY","url":"http://support.avaya.com/elmodocs2/security/ASA-2007-250.htm"},{"type":"WEB","url":"http://www.securityfocus.com/bid/17330"},{"type":"ADVISORY","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/25569"},{"type":"WEB","url":"http://bugs.busybox.net/view.php?id=604"},{"type":"WEB","url":"http://www.redhat.com/support/errata/RHSA-2007-0244.html"},{"type":"WEB","url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9483"}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}