Executive Summary

Informations
NameCVE-2002-1975First vendor Publication2002-12-31
VendorCveLast vendor Modification2008-09-05

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:P/I:N/A:N)
Cvss Base Score2.1Attack RangeLocal
Cvss Impact Score2.9Attack ComplexityLow
Cvss Expoit Score3.9AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Sharp Zaurus PDA SL-5000D and SL-5500 uses a salt of "A0" to encrypt the screen-locking password as stored in the Security.conf file, which makes it easier for local users to guess the password via brute force methods.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1975

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-20Encryption Brute Forcing
CAPEC-112Brute Force

CWE : Common Weakness Enumeration

%idName

CPE : Common Platform Enumeration

TypeDescriptionCount
Application2

Open Source Vulnerability Database (OSVDB)

idDescription
59952Zaurus PDA Screen Lock Password Encryption Salt Weakness

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/5201
XF http://www.iss.net/security_center/static/9535.php

Alert History

If you want to see full details history, please login or register.
0
DateInformations
2013-05-11 12:15:02
  • Multiple Updates