CVE-2006-1117

CVE-2006-1117 concerns nCipher firmware before v10 (used by nShield, nForce, netHSM, payShield, SecureDB, DSE200, TSMC, and possibly others). The issue arises from options meant for testing, not production, which might allow remote attackers to obtain encryption keys and crack them with less effo...

CVE-2002-0941

The CVE-2002-0941 entry concerns the ConsoleCallBack class for nCipher running under JRE 1.4.0 and 1.4.0_01, used by the TrustedCodeTool and possibly other applications. The issue is a passphrase leak that occurs when a user aborts an application prompting for the passphrase, which could allow an...