CVE-2003-1417

Sažetak

nCipher Support Software 6.00, when using generatekey KeySafe to import keys, does not delete the temporary copies of the key, which may allow local users to gain access to the key by reading the (1) key.pem or (2) key.der files.

Reference

http://marc.info/?l=bugtraq&m=104619088801750&w=2
http://www.ncipher.com/support/advisories/advisory7_keyduplicates.html
http://www.securityfocus.com/bid/6927
https://exchange.xforce.ibmcloud.com/vulnerabilities/11422

CVSS

Base:	4.4
Impact:	6.4
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

29-07-2017 - 01:29

Objavljeno

31-12-2003 - 05:00