CVE-2001-0597

2001-08-02T04:00:00
ID CVE-2001-0597
Type cve
Reporter cve@mitre.org
Modified 2017-12-19T02:29:00

Description

Zetetic Secure Tool for Recalling Important Passwords (STRIP) 0.5 and earlier for the PalmOS allows a local attacker to recover passwords via a brute force attack. This attack is made feasible by STRIP's use of SysRandom, which is seeded by TimeGetTicks, and an implementation flaw which vastly reduces the password 'search space'.