PT-2011-4300 · PHP · PHP

Agostino Sarubbo · Published 2011-08-25 · Updated 2017-08-29 · CVE-2011-3189

CVSS v2.0: 4.3 (Medium)
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions: PHP version 5.3.7

Description: The issue in PHP allows remote attackers to potentially bypass authentication by providing an arbitrary password. This occurs because the crypt function returns the salt argument value instead of the hashed string when the MD5 hash type is used.

Recommendations: For PHP version 5.3.7, consider updating to a newer version that addresses this issue, as the current version may allow attackers to bypass authentication using an arbitrary password. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
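An audit check that follows from the description, added here as an example (it is not part of the original advisory or of PHP): a password field written by crypt with the MD5 hash type on the affected version would hold only the salt, so it contains nothing derived from the password. The function names and sample rows are constructed for illustration, and the check assumes stored values use the standard MD5-crypt layout `$1$<salt>$<22-character digest>`.

```python
import re

# MD5-crypt layout: "$1$" + salt (0-8 chars, no "$") + "$" + 22-char digest.
DIGEST = r"[./0-9A-Za-z]{22}"
FULL_MD5 = re.compile(r"\$1\$[^$]{0,8}\$" + DIGEST)
# What remains when crypt hands back its salt argument: no digest at all.
SALT_ONLY = re.compile(r"\$1\$[^$]{0,8}\$?")


def classify(stored):
    """Return 'ok', 'salt-only' or 'other' for one stored password field."""
    if FULL_MD5.fullmatch(stored):
        return "ok"
    if SALT_ONLY.fullmatch(stored):
        return "salt-only"
    return "other"  # different scheme or malformed; outside this check


def audit(rows):
    """Return the users whose stored value is a bare MD5 salt."""
    return [user for user, stored in rows if classify(stored) == "salt-only"]


# Constructed sample rows (digests are format-valid filler, not real hashes).
SAMPLE_ROWS = [
    ("alice", "$1$abcdefgh$ABCDEFGHIJKLMNOPQRSTUV"),
    ("bob", "$1$abcdefgh$"),
    ("carol", "$2y$10$constructedplaceholdervalue"),
]

if __name__ == "__main__":
    for user in audit(SAMPLE_ROWS):
        print(f"{user}: stored value is a bare salt, force a password reset")
```

Accounts flagged this way need a password reset after the upgrade, because the stored value cannot verify any password.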


Related Identifiers

CVE-2011-3189

Affected Products

PHP