Lucene search

[email protected]CVE-2004-2721

HistoryOct 06, 2007 - 9:00 p.m.

CVE-2004-2721

2007-10-0621:00:00

CWE-310

[email protected]

web.nvd.nist.gov

openskat

vtmf

checkgroup

public key

prime variable

remote attackers

private key

decrypt messages

cve-2004-2721

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

7 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.1%

JSON

The CheckGroup function in openSkat VTMF before 2.1 generates public key pairs in which the “p” variable might not be prime, which allows remote attackers to determine the private key and decrypt messages.

Affected configurations

NVD

Node

heiko_stameropenskatRange≤2.0

CPENameOperatorVersion
heiko_stamer:openskatheiko stamer openskatle2.0

CPE	Name	Operator	Version
heiko_stamer:openskat	heiko stamer openskat	le	2.0

References

freshmeat.net/projects/openskat/?branch_id=36295&release_id=178549

securitytracker.com/id?1012181

www.osvdb.org/11652

www.securityfocus.com/bid/11667

exchange.xforce.ibmcloud.com/vulnerabilities/18049

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

7 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.1%

JSON

Related for CVE-2004-2721

cvelist1 nvd1