CVE-2005-3801
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
24/11/2005
Last modified:
03/04/2025
Description
CounterPane PasswordSafe 1.x and 2.x allows local users to test possible encryption keys against a subset of the stored key data without performing the more expensive key derivation function (KDF) function, which reduces the search time in brute force attacks.
Impact
Base Score 2.0
4.60
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:counterpane:passwordsafe:1.9.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:counterpane:passwordsafe:1.9.1a:*:*:*:*:*:*:* | ||
| cpe:2.3:a:counterpane:passwordsafe:1.9.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:counterpane:passwordsafe:1.9.2-dk_experimental:*:*:*:*:*:*:* | ||
| cpe:2.3:a:counterpane:passwordsafe:1.9.2a:*:*:*:*:*:*:* | ||
| cpe:2.3:a:counterpane:passwordsafe:1.9.2b:*:*:*:*:*:*:* | ||
| cpe:2.3:a:counterpane:passwordsafe:1.9.2b_ppc:*:*:*:*:*:*:* | ||
| cpe:2.3:a:counterpane:passwordsafe:1.9.2c:*:*:*:*:*:*:* | ||
| cpe:2.3:a:counterpane:passwordsafe:1.9.2c.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:counterpane:passwordsafe:1.9.2c.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:counterpane:passwordsafe:2.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:counterpane:passwordsafe:2.01:*:*:*:*:*:*:* | ||
| cpe:2.3:a:counterpane:passwordsafe:2.02:*:*:*:*:*:*:* | ||
| cpe:2.3:a:counterpane:passwordsafe:2.03:*:*:*:*:*:*:* | ||
| cpe:2.3:a:counterpane:passwordsafe:2.04:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://marc.info/?l=bugtraq&m=113217074200452&w=2
- http://securityreason.com/securityalert/190
- http://www.osvdb.org/21244
- http://www.securityfocus.com/bid/15455
- http://marc.info/?l=bugtraq&m=113217074200452&w=2
- http://securityreason.com/securityalert/190
- http://www.osvdb.org/21244
- http://www.securityfocus.com/bid/15455