1. CVE-Search
  2. CVE-2005-3801
ID CVE-2005-3801
Summary CounterPane PasswordSafe 1.x and 2.x allows local users to test possible encryption keys against a subset of the stored key data without performing the more expensive key derivation function (KDF) function, which reduces the search time in brute force attacks.
References
Vulnerable Configurations
  • cpe:2.3:a:counterpane:passwordsafe:1.9.0:*:*:*:*:*:*:*
    cpe:2.3:a:counterpane:passwordsafe:1.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:counterpane:passwordsafe:1.9.1a:*:*:*:*:*:*:*
    cpe:2.3:a:counterpane:passwordsafe:1.9.1a:*:*:*:*:*:*:*
  • cpe:2.3:a:counterpane:passwordsafe:1.9.2:*:*:*:*:*:*:*
    cpe:2.3:a:counterpane:passwordsafe:1.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:counterpane:passwordsafe:1.9.2-dk_experimental:*:*:*:*:*:*:*
    cpe:2.3:a:counterpane:passwordsafe:1.9.2-dk_experimental:*:*:*:*:*:*:*
  • cpe:2.3:a:counterpane:passwordsafe:1.9.2a:*:*:*:*:*:*:*
    cpe:2.3:a:counterpane:passwordsafe:1.9.2a:*:*:*:*:*:*:*
  • cpe:2.3:a:counterpane:passwordsafe:1.9.2b:*:*:*:*:*:*:*
    cpe:2.3:a:counterpane:passwordsafe:1.9.2b:*:*:*:*:*:*:*
  • cpe:2.3:a:counterpane:passwordsafe:1.9.2b_ppc:*:*:*:*:*:*:*
    cpe:2.3:a:counterpane:passwordsafe:1.9.2b_ppc:*:*:*:*:*:*:*
  • cpe:2.3:a:counterpane:passwordsafe:1.9.2c:*:*:*:*:*:*:*
    cpe:2.3:a:counterpane:passwordsafe:1.9.2c:*:*:*:*:*:*:*
  • cpe:2.3:a:counterpane:passwordsafe:1.9.2c.1:*:*:*:*:*:*:*
    cpe:2.3:a:counterpane:passwordsafe:1.9.2c.1:*:*:*:*:*:*:*
  • cpe:2.3:a:counterpane:passwordsafe:1.9.2c.2:*:*:*:*:*:*:*
    cpe:2.3:a:counterpane:passwordsafe:1.9.2c.2:*:*:*:*:*:*:*
  • cpe:2.3:a:counterpane:passwordsafe:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:counterpane:passwordsafe:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:counterpane:passwordsafe:2.01:*:*:*:*:*:*:*
    cpe:2.3:a:counterpane:passwordsafe:2.01:*:*:*:*:*:*:*
  • cpe:2.3:a:counterpane:passwordsafe:2.02:*:*:*:*:*:*:*
    cpe:2.3:a:counterpane:passwordsafe:2.02:*:*:*:*:*:*:*
  • cpe:2.3:a:counterpane:passwordsafe:2.03:*:*:*:*:*:*:*
    cpe:2.3:a:counterpane:passwordsafe:2.03:*:*:*:*:*:*:*
  • cpe:2.3:a:counterpane:passwordsafe:2.04:*:*:*:*:*:*:*
    cpe:2.3:a:counterpane:passwordsafe:2.04:*:*:*:*:*:*:*
  • cpe:2.3:a:counterpane:passwordsafe:2.05:*:*:*:*:*:*:*
    cpe:2.3:a:counterpane:passwordsafe:2.05:*:*:*:*:*:*:*
  • cpe:2.3:a:counterpane:passwordsafe:2.06:*:*:*:*:*:*:*
    cpe:2.3:a:counterpane:passwordsafe:2.06:*:*:*:*:*:*:*
  • cpe:2.3:a:counterpane:passwordsafe:2.07:*:*:*:*:*:*:*
    cpe:2.3:a:counterpane:passwordsafe:2.07:*:*:*:*:*:*:*
  • cpe:2.3:a:counterpane:passwordsafe:2.08:*:*:*:*:*:*:*
    cpe:2.3:a:counterpane:passwordsafe:2.08:*:*:*:*:*:*:*
  • cpe:2.3:a:counterpane:passwordsafe:2.09:*:*:*:*:*:*:*
    cpe:2.3:a:counterpane:passwordsafe:2.09:*:*:*:*:*:*:*
  • cpe:2.3:a:counterpane:passwordsafe:2.10:*:*:*:*:*:*:*
    cpe:2.3:a:counterpane:passwordsafe:2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:counterpane:passwordsafe:2.11:*:*:*:*:*:*:*
    cpe:2.3:a:counterpane:passwordsafe:2.11:*:*:*:*:*:*:*
  • cpe:2.3:a:counterpane:passwordsafe:2.12:*:*:*:*:*:*:*
    cpe:2.3:a:counterpane:passwordsafe:2.12:*:*:*:*:*:*:*
  • cpe:2.3:a:counterpane:passwordsafe:2.13:*:*:*:*:*:*:*
    cpe:2.3:a:counterpane:passwordsafe:2.13:*:*:*:*:*:*:*
  • cpe:2.3:a:counterpane:passwordsafe:2.14:*:*:*:*:*:*:*
    cpe:2.3:a:counterpane:passwordsafe:2.14:*:*:*:*:*:*:*
CVSS
Base: 4.6 (as of 18-10-2016 - 03:37)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 15455
bugtraq 20051116 Schneier's PasswordSafe password validation flaw
osvdb 21244
sreason 190
Last major update 18-10-2016 - 03:37
Published 24-11-2005 - 11:03
Last modified 18-10-2016 - 03:37
Back to Top