Lucene search
MitreCVELIST:CVE-2014-0984HistoryApr 17, 2014 - 2:00 p.m.
CVE-2014-0984
2014-04-1714:00:00
mitre
raw.githubusercontent.com
The passwordCheck function in SAP Router 721 patch 117, 720 patch 411, 710 patch 029, and earlier terminates validation of a Route Permission Table entry password upon encountering the first incorrect character, which allows remote attackers to obtain passwords via a brute-force attack that relies on timing differences in responses to incorrect password guesses, aka a timing side-channel attack.
Related
prion
prion
Design/Logic Flaw
2014-04-17 14:55:00
packetstorm
packetstorm
SAP Router Password Timing Attack
2014-04-16 00:00:00
securityvulns
securityvulns
SAP Router timing attacks information leakage
2014-05-04 00:00:00
[CORE-2014-0003] - SAP Router Password Timing Attack
2014-05-04 00:00:00
coresecurity
coresecurity
SAP Router Password Timing Attack
2014-04-15 00:00:00
exploitpack
exploitpack
SAP Router - Timing Attack Password Disclosure
2014-04-17 00:00:00
seebug
seebug
SAP Router - Timing Attack Password Disclosure
2014-07-01 00:00:00
cve
cve
CVE-2014-0984
2014-04-17 14:55:08
zdt
zdt
SAP Router - Timing Attack Password Disclosure
2014-04-17 00:00:00
exploitdb
exploitdb
SAP Router - Timing Attack Password Disclosure
2014-04-17 00:00:00