Vulnerability CVE-2004-0838


Published: 2004-09-13   Modified: 2012-02-12

Description:
Lexar Safe Guard for JumpDrive Secure 1.0 stores the password insecurely in memory using XOR encryption, which allows local users to read the password directly from the device and access the password protected part of the drive.

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
2.1/10
2.9/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
Lexar -> Jumpdrive secure 

 References:
http://xforce.iss.net/xforce/xfdb/17342
http://www.securityfocus.com/bid/11162
http://www.atstake.com/research/advisories/2004/a091304-1.txt
http://secunia.com/advisories/12522

Copyright 2024, cxsecurity.com

 

Back to Top