iButton Assist - Exported ContentProvider, MIT license vulnerabilities

HackApp vulnerability scanner discovered that application iButton Assist published at the 'play' market has multiple vulnerabilities...

CVE-2001-1436

Dallas Semiconductor iButton DS1991 returns predictable values when given an incorrect password, which makes it easier for users with physical access to conduct dictionary attacks against the device password...

CVE-2001-1436

The CVE concerns the Dallas Semiconductor iButton DS1991, where an incorrect password yields predictable values, enabling dictionary attacks by anyone with physical access. Affected: DS1991 device. The issue stems from password handling that allows predictable outputs, impacting confidentiality, ...

Dallas Semiconductor iButton DS1991 vulnerable to dictionary attack

Overview The Dallas Semiconductor iButton DS1991 is vulnerable to a dictionary attack, allowing an intruder to recover passwords. Description The Dallas Semiconductor iButton DS1911 stores 1 kilobyte of data in 3 separate password-protected areas. It includes functionality intended to prevent...

CVE-2001-1436

Dallas Semiconductor iButton DS1991 returns predictable values when given an incorrect password, which makes it easier for users with physical access to conduct dictionary attacks against the device password...