Lucene search
HistoryFeb 05, 2008 - 3:00 a.m.
CVE-2007-6340
cve-2007-6340
geert moernaut
lsrunase
supercrypt
vulnerability
rc4 stream cipher
initialization vector
iv
cleartext passwords
nvd
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
6.2 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Geert Moernaut LSrunasE 1.0 and Supercrypt 1.0 use the RC4 stream cipher without constructing a unique initialization vector (IV), which makes it easier for local users to obtain cleartext passwords.
Affected configurations
Node
moernautlsrunaseMatch1.0
ORmoernautsupercryptMatch1.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| moernaut:lsrunase | moernaut lsrunase | eq | 1.0 |
| moernaut:supercrypt | moernaut supercrypt | eq | 1.0 |
Related
prion
prion
Default credentials
2008-02-05 03:00:00
nvd
nvd
CVE-2007-6340
2008-02-05 03:00:00
securityvulns
securityvulns
Insecure Use of RC4 in LSrunasE and Supercrypt (CVE-2007-6340)
2008-01-30 00:00:00
LSrunasE and Supercrypt cryptogoraphic vulnerabilities
2008-01-30 00:00:00
cvelist
cvelist
CVE-2007-6340
2008-02-05 02:00:00
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
6.2 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2007-6340