ID CVE-2013-7252
Summary kwalletd in KWallet before KDE Applications 14.12.0 uses Blowfish with ECB mode instead of CBC mode when encrypting the password store, which makes it easier for attackers to guess passwords via a codebook attack.
References
Vulnerable Configurations
  • KDE KDE Applications 14.11.3
    cpe:2.3:a:kde:kde_applications:14.11.3
CVSS
Base: 5.0 (as of 02-08-2016 - 09:49)
Impact:
Exploitability:
CWE CWE-310
CAPEC
  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_KDE4-L10N-150305.NASL
    description kdebase4-runtime has been updated to fix one security issue : - Added gpg based encryption support to kwallet. (bnc#857200). (CVE-2013-7252)
    last seen 2018-09-02
    modified 2015-03-18
    plugin id 81909
    published 2015-03-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81909
    title SuSE 11.3 Security Update : kdebase4-runtime (SAT Patch Number 10404)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2015-0564.NASL
    description Pull in upstream fixes for: CVE-2013-7252 kwallet: crypto misuse, and kio_sftp corruption Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-05
    plugin id 80974
    published 2015-01-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80974
    title Fedora 20 : kde-runtime-4.14.3-3.fc20 (2015-0564)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201606-19.NASL
    description The remote host is affected by the vulnerability described in GLSA-201606-19 (kwalletd: Information disclosure) Kwalletd in KWallet uses Blowfish with ECB mode instead of CBC mode when encrypting the password store. Impact : Local attackers, with access to the password store, could conduct a codebook attack in order to obtain confidential passwords. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2016-06-28
    plugin id 91864
    published 2016-06-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=91864
    title GLSA-201606-19 : kwalletd: Information disclosure
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_7A8A74D19C3411E4A40B5453ED2E2B49.NASL
    description Valentin Rusu reports : Until KDE Applications 14.12.0, kwalletd incorrectly handled CBC encryption blocks when encrypting secrets in kwl files. The secrets were still encrypted, but the result binary data corresponded to an ECB encrypted block instead of CBC. The ECB encryption algorithm, even if it'll scramble user data, will produce same encrypted byte sequence for the same input text. As a result, attackers may eventually find-out the encrypted text.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 80537
    published 2015-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80537
    title FreeBSD : kde-runtime -- incorrect CBC encryption handling (7a8a74d1-9c34-11e4-a40b-5453ed2e2b49)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2015-0569.NASL
    description Pull in upstream fixes for: CVE-2013-7252 kwallet: crypto misuse, and kio_sftp corruption Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-05
    plugin id 80534
    published 2015-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80534
    title Fedora 21 : kde-runtime-4.14.3-3.fc21 (2015-0569)
refmap via4
bid 67716
confirm
gentoo GLSA-201606-19
misc http://gaganpreet.in/blog/2013/07/24/kwallet-security-analysis/
mlist
  • [oss-security] 20140102 kwallet crypto misuse
  • [oss-security] 20150109 Re: CVE Request: kwallet: incorrect CBC encryption handling
Last major update 02-08-2016 - 09:58
Published 18-01-2015 - 13:59
Back to Top