An issue was discovered in Valve Steam Link build 643. Root passwords longer than 8 characters are truncated because of the default use of DES (aka the CONFIG_FEATURE_DEFAULT_PASSWD_ALGO="des" setting).
References
Link | Resource |
---|---|
https://blogger.davidmanouchehri.com/2017/12/steam-link-security-truncated-password.html | Issue Tracking Patch Third Party Advisory |
https://github.com/ValveSoftware/steamlink-sdk/issues/101 | Issue Tracking Patch Third Party Advisory |
https://github.com/ValveSoftware/steamlink-sdk/issues/110 | Issue Tracking Patch Third Party Advisory |
https://blogger.davidmanouchehri.com/2017/12/steam-link-security-truncated-password.html | Issue Tracking Patch Third Party Advisory |
https://github.com/ValveSoftware/steamlink-sdk/issues/101 | Issue Tracking Patch Third Party Advisory |
https://github.com/ValveSoftware/steamlink-sdk/issues/110 | Issue Tracking Patch Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 03:18
Type | Values Removed | Values Added |
---|---|---|
References | () https://blogger.davidmanouchehri.com/2017/12/steam-link-security-truncated-password.html - Issue Tracking, Patch, Third Party Advisory | |
References | () https://github.com/ValveSoftware/steamlink-sdk/issues/101 - Issue Tracking, Patch, Third Party Advisory | |
References | () https://github.com/ValveSoftware/steamlink-sdk/issues/110 - Issue Tracking, Patch, Third Party Advisory |
Information
Published : 2017-12-27 17:08
Updated : 2024-11-21 03:18
NVD link : CVE-2017-17878
Mitre link : CVE-2017-17878
CVE.ORG link : CVE-2017-17878
JSON object : View
Products Affected
valvesoftware
- steam_link
- steam_link_firmware
CWE
CWE-327
Use of a Broken or Risky Cryptographic Algorithm