Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1538

Overview

Vulnerability Score 4.9 4.9
CVE Id CVE-2006-1538
Last Modified 05 Sep 2008 05:02:11
Published 30 Mar 2006 06:02:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-1538

Summary

The Enova X-Wall ASIC encrypts with a key obtained via Microwire from a serial EEPROM that stores the key in cleartext, which allows local users with physical access to obtain the key by reading and duplicating an EEPROM that is located on a hardware token, or by sniffing the Microwire bus.

Vulnerable Systems

Application

  • Enova X-wall Asic


References

BUGTRAQ - 20060329 [HV-INFO] Enova hardware encryption: false sense of security

MISC - http://www.hexview.com/docs/20060328-1.txt

XF - enova-xwall-insecure-encryption-key(25527)

SREASON - 648


Last Updated: 27 May 2016 10:42:06