Vulnerability Description
CounterPane PasswordSafe 1.x and 2.x allows local users to test possible encryption keys against a subset of the stored key data without performing the more expensive key derivation function (KDF) function, which reduces the search time in brute force attacks.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Counterpane | Passwordsafe | 1.9.0 |
References
- http://marc.info/?l=bugtraq&m=113217074200452&w=2
- http://securityreason.com/securityalert/190
- http://www.osvdb.org/21244
- http://www.securityfocus.com/bid/15455
- http://marc.info/?l=bugtraq&m=113217074200452&w=2
- http://securityreason.com/securityalert/190
- http://www.osvdb.org/21244
- http://www.securityfocus.com/bid/15455
FAQ
What is CVE-2005-3801?
CVE-2005-3801 is a vulnerability with a CVSS score of 4.6 (MEDIUM). CounterPane PasswordSafe 1.x and 2.x allows local users to test possible encryption keys against a subset of the stored key data without performing the more expensive key derivation function (KDF) fun...
How severe is CVE-2005-3801?
CVE-2005-3801 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-3801?
Check the references section above for vendor advisories and patch information. Affected products include: Counterpane Passwordsafe.