Ubuntu.comUB:CVE-2014-1921CVE-2014-1921
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
80.0%
parcimonie before 0.8.1, when using a large keyring, sleeps for the same
amount of time between fetches, which allows attackers to correlate key
fetches via unspecified vectors.
Bugs
References
www.debian.org/security/2014/dsa-2860
bugs.debian.org/cgi-bin/bugreport.cgi?bug=738134
gaffer.ptitcanardnoir.org/intrigeri/files/parcimonie/App-Parcimonie-0.8.1.tar.gz
launchpad.net/bugs/cve/CVE-2014-1921
nvd.nist.gov/vuln/detail/CVE-2014-1921
security-tracker.debian.org/tracker/CVE-2014-1921
www.cve.org/CVERecord?id=CVE-2014-1921
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
80.0%