Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3675

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2006-3675
Last Modified 05 Sep 2008 05:07:45
Published 28 Jul 2006 06:04:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-3675

Summary

Password Safe 2.11, 2.16 and 3.0BETA1 does not respect the configuration settings for locking the password database when certain dialogue windows are open, which might allow attackers with physical access to obtain the database contents.

Vulnerable Systems

Application

  • Counterpane Passwordsafe 2.11

  • Counterpane Passwordsafe 2.16

  • Counterpane Passwordsafe 3.0beta1


References

XF - passwordsafe-lock-weak-security(27933)

MISC - http://www.symantec.com/enterprise/research/SYMSA-2006-008.txt

BID - 19078

BUGTRAQ - 20060721 SYMSA-2006-008:Password Safe - Lock Password Database Configuration Not Enforced

SECTRACK - 1016565

SREASON - 1308


Last Updated: 27 May 2016 10:43:06