Lucene search
HistoryFeb 05, 2008 - 3:00 a.m.
CVE-2007-6340
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.2
Confidence
Low
EPSS
0
Percentile
5.1%
Geert Moernaut LSrunasE 1.0 and Supercrypt 1.0 use the RC4 stream cipher without constructing a unique initialization vector (IV), which makes it easier for local users to obtain cleartext passwords.
Affected configurations
Node
moernautlsrunaseMatch1.0
ORmoernautsupercryptMatch1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| moernaut | lsrunase | 1.0 | cpe:2.3:a:moernaut:lsrunase:1.0:*:*:*:*:*:*:* |
| moernaut | supercrypt | 1.0 | cpe:2.3:a:moernaut:supercrypt:1.0:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2007-6340
2008-02-05 03:00:00
securityvulns
securityvulns
Insecure Use of RC4 in LSrunasE and Supercrypt (CVE-2007-6340)
2008-01-30 00:00:00
LSrunasE and Supercrypt cryptogoraphic vulnerabilities
2008-01-30 00:00:00
prion
prion
Default credentials
2008-02-05 03:00:00
cvelist
cvelist
CVE-2007-6340
2008-02-05 02:00:00
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.2
Confidence
Low
EPSS
0
Percentile
5.1%
Related for NVD:CVE-2007-6340