7.2

CVE-2001-0597

Exploit

EPSS 0.32%
Veröffentlicht 02.08.2001 04:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Zetetic Secure Tool for Recalling Important Passwords (STRIP) 0.5 and earlier for the PalmOS allows a local attacker to recover passwords via a brute force attack.  This attack is made feasible by STRIP's use of SysRandom, which is seeded by TimeGetTicks, and an implementation flaw which vastly reduces the password 'search space'.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Zetetic Enterprises ≫ Strip Version <= 0.5

Zetetic Enterprises ≫ Strip Version0.3

Zetetic Enterprises ≫ Strip Version0.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.32%	0.523

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

http://archives.neohapsis.com/archives/bugtraq/2001-04/0169.html

Patch

Vendor Advisory

Exploit

http://www.securityfocus.com/bid/2567

Patch

Vendor Advisory

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/6362

https://nvd.nist.gov/vuln/detail/CVE-2001-0597

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2001-0597

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2001-0597

EUVD