Back to search
CVE-2001-0597
Published: Jul 27, 2001
Modified: Aug 8, 2024
PUBLISHED
Description
Zetetic Secure Tool for Recalling Important Passwords (STRIP) 0.5 and earlier for the PalmOS allows a local attacker to recover passwords via a brute force attack. This attack is made feasible by STRIP's use of SysRandom, which is seeded by TimeGetTicks, and an implementation flaw which vastly reduces the password 'search space'.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
2567
vdb-entry
x_refsource_BID
20010410 Catastrophic failure of Strip password generation.
mailing-list
x_refsource_BUGTRAQ
strip-weak-passwords(6362)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now