CVE: CVE-2001-1436 - CVE-Search

CVE Details for CVE: CVE-2001-1436

Summary

Dallas Semiconductor iButton DS1991 returns predictable values when given an incorrect password, which makes it easier for users with physical access to conduct dictionary attacks against the device password.

Timestamps
Last major update	11-07-2017 - 01:29
Published	18-01-2001 - 05:00
Last modified	11-07-2017 - 01:29

References

http://www.atstake.com/research/advisories/2001/a011801-1.txt
http://www.kb.cert.org/vuls/id/178560
https://exchange.xforce.ibmcloud.com/vulnerabilities/10625

Vulnerable Configurations

cpe:2.3:h:dallas_semiconductor:ibutton:ds1991:*:*:*:*:*:*:*
cpe:2.3:h:dallas_semiconductor:ibutton:ds1991:*:*:*:*:*:*:*

CAPEC

Click the CAPEC title to display a description

CWE

NVD-CWE-Other

CVSS

Base

4.6

Impact

6.4

Exploitability

3.9

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

CVSS3

None

VIA4 references

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:P/A:P

refmap via4

atstake	A011801-1
cert-vn	VU#178560
xf	ibutton-ds1991-dictionary(10625)