Lucene search

MitreCVE-2001-0435

HistoryJul 02, 2001 - 4:00 a.m.

CVE-2001-0435

2001-07-0204:00:00

mitre

web.nvd.nist.gov

cve-2001-0435

pgp 7.0

split key mechanism

passphrase cache

information security.

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.8

Confidence

Low

EPSS

Percentile

5.1%

JSON

The split key mechanism used by PGP 7.0 allows a key share holder to obtain access to the entire key by setting the “Cache passphrase while logged on” option and capturing the passphrases of other share holders as they authenticate.

Affected configurations

Nvd

Node

pgppgpMatch7.0

VendorProductVersionCPE
pgppgp7.0cpe:2.3:a:pgp:pgp:7.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
pgp	pgp	7.0	cpe:2.3:a:pgp:pgp:7.0:::::::*

References

marc.info/?l=bugtraq&m=98691775527457&w=2

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.8

Confidence

Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2001-0435