Lucene search

[email protected]CVE-2000-1008

HistoryDec 11, 2000 - 5:00 a.m.

CVE-2000-1008

2000-12-1105:00:00

[email protected]

web.nvd.nist.gov

palmos

weak encryption

physical access

decrypt

cve-2000-1008

nvd

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

50.5%

JSON

PalmOS 3.5.2 and earlier uses weak encryption to store the user password, which allows attackers with physical access to the Palm device to decrypt the password and gain access to the device.

Affected configurations

NVD

Node

palmpalm_osRange≤3.5.2

CPENameOperatorVersion
palm:palm_ospalm palm osle3.5.2

CPE	Name	Operator	Version
palm:palm_os	palm palm os	le	3.5.2

References

www.atstake.com/research/advisories/2000/a092600-1.txt

www.securityfocus.com/bid/1715

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

50.5%

JSON

Related for CVE-2000-1008

nvd1 cvelist1