Lucene search

[email protected]CVE-2002-1977

HistoryOct 03, 2022 - 4:23 p.m.

CVE-2002-1977

2022-10-0316:23:46

[email protected]

web.nvd.nist.gov

network associates

pgp 7.0.4

pgp 7.1

passphrase cache

encryption

vulnerability

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.7%

JSON

Network Associates PGP 7.0.4 and 7.1 does not time out according to the value set in the “Passphrase Cache” option, which could allow attackers to open encrypted files without providing a passphrase.

Affected configurations

NVD

Node

pgppgpMatch7.0.4

pgppgpMatch7.1

CPENameOperatorVersion
pgp:pgppgpeq7.0.4
pgp:pgppgpeq7.1

CPE	Name	Operator	Version
pgp:pgp	pgp	eq	7.0.4
pgp:pgp	pgp	eq	7.1

References

archives.neohapsis.com/archives/bugtraq/2002-07/0313.html

archives.neohapsis.com/archives/bugtraq/2002-07/0322.html

www.iss.net/security_center/static/9690.php

www.securityfocus.com/bid/5318

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.7%

JSON

Related for CVE-2002-1977

nvd1 cvelist1