2135 matches found

Cvelist
added 2007/10/15 10:0 p.m. · 25 views

CVE-2007-5460

Microsoft ActiveSync 4.1, as used in Windows Mobile 5.0, uses weak encryption (XOR obfuscation with a fixed key) when sending the user's PIN/Password over the USB connection from the host to the device, which might make it easier for attackers to decode a PIN/Password obtained by (1) sniffing or (2)...

4.6 AI score · 0.01027 EPSS
Exploits 1 · References 5

Positive Technologies
added 2007/10/15 12:0 a.m. · 2 views

PT-2007-6496 · Microsoft · Activesync

Name of the Vulnerable Software and Affected Versions: Microsoft ActiveSync version 4.1
Description: The issue concerns the use of weak encryption, specifically XOR obfuscation with a fixed key, when sending the user's PIN/Password over the USB connection from the host to the device. This might...

7.1 CVSS · 4.4 AI score · 0.01027 EPSS
Exploits 1 · References 7

UbuntuCve
added 2007/10/08 11:17 p.m. · 29 views

CVE-2007-5273

Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when an HTTP proxy server is used, allows remote attackers to violate the security model for an applet's outbound...

2.6 CVSS · 5.9 AI score · 0.07177 EPSS
Exploits 0 · References 1

Prion
added 2007/10/08 11:17 p.m. · 14 views

Design/Logic Flaw

Microsoft Internet Explorer 6 drops DNS pins based on failed connections to irrelevant TCP ports, which makes it easier for remote attackers to conduct DNS rebinding attacks, as demonstrated by a port 81 URL in an IMG SRC, when the DNS pin had been established for a session on port 80, a differen...

4.3 CVSS · 6.8 AI score · 0.21465 EPSS
Exploits 1 · References 2 · Affected Software 1

myhack58
added 2006/06/25 12:0 a.m. · 13 views

Detailed analysis of the latest attack techniques against the Bluetooth PIN code - vulnerability warning - the black bar safety net

Note: This chapter only explains the latest attack techniques for determining the Bluetooth PIN code, in order to draw attention to prevention, and has no other purpose. No one may use the techniques described in this article to do illegal things. Recently, many domestic a...

0.2 AI score
Exploits 0

securityvulns
added 2005/08/18 12:0 a.m. · 41 views

[Full-disclosure] Bluez hcid popen() explained.

kflistsatdigitalmunitiondotcom After the release of TheftOfLinkKey.txt I had several people mention that they did not quite understand why I consider the recently reported bluez vulnerability to be quite trivial. In this document I will attempt to outline an exploitable scenario for hcid using th...

7.1 AI score
Exploits 0

CVE
added 2005/08/12 4:0 a.m. · 51 views

CVE-2005-2547

CVE-2005-2547 affects BlueZ bluez-utils/hcid components. The advisory describes missing input sanitisation in security.c in hcid, enabling remote attackers to execute arbitrary commands by supplying shell metacharacters in the Bluetooth device name during PIN helper invocation. Affected products/...

7.5 CVSS · 7.3 AI score · 0.01141 EPSS
Exploits 0 · References 8 · Affected Software 1

NVD
added 2005/08/12 4:0 a.m. · 8 views

CVE-2005-2547

security.c in hcid for BlueZ 2.16, 2.17, and 2.18 allows remote attackers to execute arbitrary commands via shell metacharacters in the Bluetooth device name when invoking the PIN helper...

7.5 CVSS · 7.4 AI score · 0.01141 EPSS
Exploits 0 · References 8

UbuntuCve
added 2005/08/12 4:0 a.m. · 12 views

CVE-2005-2547

security.c in hcid for BlueZ 2.16, 2.17, and 2.18 allows remote attackers to execute arbitrary commands via shell metacharacters in the Bluetooth device name when invoking the PIN helper...

7.5 CVSS · 6.2 AI score · 0.01141 EPSS
Exploits 0 · References 1

CVE
added 2005/08/05 4:0 a.m. · 48 views

CVE-2002-2122

Pointsec for PalmOS (before 1.2) stores a user PIN in plaintext in memory. This enables a local attacker who steals an unlocked Palm to retrieve the PIN via memory dump. The available connected documents confirm the product (Pointsec for PalmOS), the vulnerable behavior (plaintext PIN in memory),...

2.1 CVSS · 6.7 AI score · 0.00144 EPSS
Exploits 0 · References 3 · Affected Software 1

Cvelist
added 2005/08/05 4:0 a.m. · 14 views

CVE-2002-2122

Pointsec before 1.2 for PalmOS stores a user's PIN number in memory in plaintext, which allows a local attacker who steals an unlocked Palm to retrieve the PIN by dumping memory...

6.3 AI score · 0.00144 EPSS
Exploits 0 · References 3

Cvelist
added 2005/07/14 4:0 a.m. · 17 views

CVE-2001-1520

Xircom REX 6000 allows local users to obtain the 10 digit PIN by starting a serial monitor, connecting to the personal digital assistant (PDA) via Rextools, and capturing the cleartext PIN...

6.2 AI score · 0.00147 EPSS
Exploits 0 · References 3

CVE
added 2005/07/14 4:0 a.m. · 39 views

CVE-2001-1520

The provided connected records confirm that CVE-2001-1520 affects the Xircom REX 6000 PDA, where local users can obtain the 10‑digit PIN by starting a serial monitor, connecting via Rextools, and capturing the cleartext PIN. The root cause centers on exposing the PIN through local serial access; ...

2.1 CVSS · 6.6 AI score · 0.00147 EPSS
Exploits 0 · References 3 · Affected Software 1

Cvelist
added 2005/02/26 5:0 a.m. · 11 views

CVE-2004-1709

Datakey Rainbow iKey2032 USB token, when using the CIP client package, does not encrypt communications between the token and the driver, which could allow local users to obtain the PINs of other users...

6.3 AI score · 0.00081 EPSS
Exploits 0 · References 2

CVE
added 2004/09/01 4:0 a.m. · 41 views

CVE-2004-0063

The vulnerability CVE-2004-0063 affects the nCipher payShield SPP library (versions 1.3.12, 1.5.18, 1.6.18). The root cause is that the SPP_VerifyPVV function returns a Status_OK value even when the HSM reports a different status, which could lead applications to make incorrect security-critical ...

7.5 CVSS · 6.8 AI score · 0.00602 EPSS
Exploits 0 · References 5 · Affected Software 1

Cvelist
added 2004/09/01 4:0 a.m. · 10 views

CVE-2004-0063

The SPP_VerifyPVV function in nCipher payShield SPP library 1.3.12, 1.5.18 and 1.6.18 returns a Status_OK value even if the HSM returns a different status code, which could cause applications to make incorrect security-critical decisions, e.g. by accepting an invalid PIN number...

6.5 AI score · 0.00602 EPSS
Exploits 0 · References 5

securityvulns
added 2004/08/04 12:0 a.m. · 14 views

[Full-Disclosure] Clear text password exposure in Datakey's tokens and smartcards

Clear text password exposure in Datakey's tokens and smartcards
Classification: Level: LOW-med-high-crit ID: HEXVIEW200408031
Overview: Datakey http://www.datakey.com delivers smartcard and token-based authentication and...

Exploits 0

NVD
added 2004/02/17 5:0 a.m. · 8 views

CVE-2004-0063

The SPP_VerifyPVV function in nCipher payShield SPP library 1.3.12, 1.5.18 and 1.6.18 returns a Status_OK value even if the HSM returns a different status code, which could cause applications to make incorrect security-critical decisions, e.g. by accepting an invalid PIN number...

7.5 CVSS · 6.5 AI score · 0.00602 EPSS
Exploits 0 · References 5

NVD
added 2002/12/31 5:0 a.m. · 8 views

CVE-2002-2122

Pointsec before 1.2 for PalmOS stores a user's PIN number in memory in plaintext, which allows a local attacker who steals an unlocked Palm to retrieve the PIN by dumping memory...

2.1 CVSS · 6.3 AI score · 0.00144 EPSS
Exploits 0 · References 3

securityvulns
added 2002/05/08 12:0 a.m. · 26 views

KPMG-2002018: Pointsec for PalmOS PIN disclosure

Title: Pointsec for PalmOS PIN disclosure
BUG-ID: 2002018
Released: 03rd May 2002
Discovered by: Laurens Binken, KPMG IRM, the Netherlands
Problem: ...

0.4 AI score
Exploits 0