5

CVE-2012-2743

Revelation 0.4.13-2 and earlier does not iterate through SHA hashing algorithms for AES encryption, which makes it easier for context-dependent attackers to guess passwords via a brute force attack.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mikel OlasagastiRevelation Version <= 0.4.13-2
Mikel OlasagastiRevelation Version0.1.0
Mikel OlasagastiRevelation Version0.1.1
Mikel OlasagastiRevelation Version0.1.2
Mikel OlasagastiRevelation Version0.2.0
Mikel OlasagastiRevelation Version0.2.1
Mikel OlasagastiRevelation Version0.3.0
Mikel OlasagastiRevelation Version0.3.1
Mikel OlasagastiRevelation Version0.3.2
Mikel OlasagastiRevelation Version0.3.3
Mikel OlasagastiRevelation Version0.3.4
Mikel OlasagastiRevelation Version0.4.0
Mikel OlasagastiRevelation Version0.4.1
Mikel OlasagastiRevelation Version0.4.2
Mikel OlasagastiRevelation Version0.4.3
Mikel OlasagastiRevelation Version0.4.4
Mikel OlasagastiRevelation Version0.4.5
Mikel OlasagastiRevelation Version0.4.6
Mikel OlasagastiRevelation Version0.4.7
Mikel OlasagastiRevelation Version0.4.8
Mikel OlasagastiRevelation Version0.4.9
Mikel OlasagastiRevelation Version0.4.10
Mikel OlasagastiRevelation Version0.4.11
Mikel OlasagastiRevelation Version0.4.12
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.12% 0.619
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://knoxin.blogspot.co.uk/2012/06/revelation-password-manager-considered.html
http://oss.codepoet.no/revelation/issue/61/file-format-magic-string-version-mismatch
http://www.openwall.com/lists/oss-security/2012/06/18/1
http://www.openwall.com/lists/oss-security/2012/06/18/3
http://www.securityfocus.com/bid/54060
https://bugs.gentoo.org/show_bug.cgi?id=421571
https://exchange.xforce.ibmcloud.com/vulnerabilities/76408