Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0940

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2002-0940
Last Modified 10 Sep 2008 03:13:25
Published 04 Oct 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2002-0940

Summary

domesticinstall.exe for nCipher MSCAPI CSP 5.50 and 5.54 does not use Operator Card Set protected keys when the user requests them but does not generate the Operator Card Set, which results in a lower protection level than specified by the user (module protection only).

Vulnerable Systems

Application

  • Ncipher Mscapi Csp 5.50

  • Ncipher Mscapi Csp 5.54


References

BUGTRAQ - 20020617 nCipher Advisory #3: MSCAPI keys erroneously module-protected - update

BUGTRAQ - 20020513 nCipher Security Advisory #3: MSCAPI CSP Install Wizard

BID - 4729


Last Updated: 27 May 2016 10:37:08