nCipher nShield HSM Information Disclosure

2004-02-23T06:44:50
ID OSVDB:4055
Type osvdb
Reporter OSVDB
Modified 2004-02-23T06:44:50

Description

Vulnerability Description

nShield contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered because a local attacker is able to issue commands which will disclose secret key information resulting in a loss of confidentiality.

Solution Description

Upgrade to version indicated in vendor advisory or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

nShield contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered because a local attacker is able to issue commands which will disclose secret key information resulting in a loss of confidentiality.

References:

Secunia Advisory ID:10976 Other Advisory URL: http://www.ncipher.com/support/advisories/advisory9.htm Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-02/0585.html Keyword: nShield Keyword: nCipher Security Advisory #9 ISS X-Force ID: 15281 CVE-2004-0320 Bugtraq ID: 9717