Lucene search

[email protected]CVE-2006-4021

HistoryAug 17, 2006 - 9:04 p.m.

CVE-2006-4021

2006-08-1721:04:00

[email protected]

web.nvd.nist.gov

scatterchat

cryptographic module

ecb mode encryption

cve-2006-4021

nvd

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

6.9 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.3%

JSON

The cryptographic module in ScatterChat 1.0.x allows attackers to identify patterns in large numbers of messages by identifying collisions using a birthday attack on the custom padding mechanism for ECB mode encryption.

Affected configurations

NVD

Node

scatterchatscatterchatMatch1.0.1

CPENameOperatorVersion
scatterchat:scatterchatscatterchateq1.0.1

CPE	Name	Operator	Version
scatterchat:scatterchat	scatterchat	eq	1.0.1

References

securityreason.com/securityalert/1396

www.scatterchat.com/advisories/2006-01_non_tech.html

www.scatterchat.com/advisories/2006-01_tech.html

www.securityfocus.com/archive/1/443038/100/100/threaded

www.securityfocus.com/bid/19485

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

6.9 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.3%

JSON

Related for CVE-2006-4021

nvd1 cvelist1