Vulnerability Description
The CheckGroup function in openSkat VTMF before 2.1 generates public key pairs in which the "p" variable might not be prime, which allows remote attackers to determine the private key and decrypt messages.
CVSS Score
4.3
MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Heiko Stamer | Openskat | <= 2.0 |
Related Weaknesses (CWE)
References
- http://freshmeat.net/projects/openskat/?branch_id=36295&release_id=178549Patch
- http://securitytracker.com/id?1012181
- http://www.osvdb.org/11652
- http://www.securityfocus.com/bid/11667Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18049
- http://freshmeat.net/projects/openskat/?branch_id=36295&release_id=178549Patch
- http://securitytracker.com/id?1012181
- http://www.osvdb.org/11652
- http://www.securityfocus.com/bid/11667Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18049
FAQ
What is CVE-2004-2721?
CVE-2004-2721 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The CheckGroup function in openSkat VTMF before 2.1 generates public key pairs in which the "p" variable might not be prime, which allows remote attackers to determine the private key and decrypt mess...
How severe is CVE-2004-2721?
CVE-2004-2721 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-2721?
Check the references section above for vendor advisories and patch information. Affected products include: Heiko Stamer Openskat.