Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0275

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2000-0275
Last Modified 10 Sep 2008 03:03:54
Published 10 Apr 2000 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2000-0275

Summary

CRYPTOCard CryptoAdmin for PalmOS uses weak encryption to store a user's PIN number, which allows an attacker with access to the .PDB file to generate valid PT-1 tokens after cracking the PIN.

Vulnerable Systems

Application

  • Cryptocard Cryptoadmin 4.1


References

BID - 1097

L0PHT - 20000410 CRYPTOCard PalmToken PIN Extraction

BUGTRAQ - 20000410 CRYPTOAdmin 4.1 server with PalmPilot PT-1 token 1.04 PIN Extract ion


Last Updated: 27 May 2016 10:35:38