CVE-2001-0597
Summary
Zetetic Secure Tool for Recalling Important Passwords (STRIP) 0.5 and earlier for the PalmOS allows a local attacker to recover passwords via a brute force attack. This attack is made feasible by STRIP's use of SysRandom, which is seeded by TimeGetTicks, and an implementation flaw which vastly reduces the password 'search space'.
- LOW
- LOCAL
- NONE
- COMPLETE
- COMPLETE
- COMPLETE
References
Advisory Timeline
- Published