Search criteria
9 vulnerabilities found for nshield by ncipher
FKIE_CVE-2006-1117
Vulnerability from fkie_nvd - Published: 2006-03-09 13:06 - Updated: 2025-04-03 01:03
Severity ?
Summary
nCipher firmware before V10, as used by (1) nShield, (2) nForce, (3) netHSM, (4) payShield, (5) SecureDB, (6) DSE200 Document Sealing Engine, (7) Time Source Master Clock (TSMC), and possibly other products, contains certain options that were only intended for testing and not production, which might allow remote attackers to obtain information about encryption keys and crack those keys with less effort than brute force.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ncipher:dse200_document_sealing_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD964801-9635-437D-9260-84F16619FC49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ncipher:ncore:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FA410AE-0FC0-46DC-B89A-651DEDA51622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ncipher:nforce:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6252FF68-DB64-4BEC-86D9-A8517B0F9D64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ncipher:securedb:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6456DCB1-209C-4F63-83D0-1E73CC85F788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ncipher:time_source_master_clock:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F48A7766-4B50-4C25-8786-23DD88AFB7DB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ncipher:nethsm:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "83B802C8-58F9-4A03-BC1C-E2DA55CF1F8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ncipher:nethsm:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C450BD00-9BCC-4E0F-83F9-BA5F0E293367",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ncipher:nethsm:2.1.12_cam5:*:*:*:*:*:*:*",
"matchCriteriaId": "17A5415F-6D6E-4B08-8073-7462E82520C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ncipher:nshield:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C008CC6B-6F9A-4541-97C5-7ED7C20349C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ncipher:payshield:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D0EB90-3ADD-4038-91AB-AB76C5910951",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "nCipher firmware before V10, as used by (1) nShield, (2) nForce, (3) netHSM, (4) payShield, (5) SecureDB, (6) DSE200 Document Sealing Engine, (7) Time Source Master Clock (TSMC), and possibly other products, contains certain options that were only intended for testing and not production, which might allow remote attackers to obtain information about encryption keys and crack those keys with less effort than brute force."
}
],
"id": "CVE-2006-1117",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-03-09T13:06:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19137"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1015718"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ncipher.com/resources/97/sa14_presence_of_flaws_in_firmware_security"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/427151/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/17012"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/0862"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25063"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1015718"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ncipher.com/resources/97/sa14_presence_of_flaws_in_firmware_security"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/427151/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/17012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/0862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25063"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2004-0320
Vulnerability from fkie_nvd - Published: 2004-11-23 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Unknown vulnerability in nCipher Hardware Security Modules (HSM) 1.67.x through 1.99.x allows local users to access secrets stored in the module's run-time memory via certain sequences of commands.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ncipher | nshield | 1.71.11 | |
| ncipher | nshield | 1.71.15 | |
| ncipher | nshield | 1.71.90 | |
| ncipher | nshield | 1.75.15 | |
| ncipher | nshield | 1.77.9 | |
| ncipher | nshield | 1.77.93 | |
| ncipher | nshield | 1.77.97 | |
| ncipher | nshield | 1.79.12 | |
| ncipher | nshield | 1.79.80 | |
| ncipher | nshield | 1.79.81 | |
| ncipher | nshield | 2.0 | |
| ncipher | nshield | 2.0.4 | |
| ncipher | nshield | 2.12 | |
| ncipher | nshield | 2.12.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ncipher:nshield:1.71.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0D404D97-8CC6-42C1-8CBC-B66661FFB397",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ncipher:nshield:1.71.15:*:*:*:*:*:*:*",
"matchCriteriaId": "1C3C568E-D377-4605-8136-C1CC8588E7F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ncipher:nshield:1.71.90:*:*:*:*:*:*:*",
"matchCriteriaId": "71ED8F00-D042-4F40-9EA7-5C065AB7859C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ncipher:nshield:1.75.15:*:*:*:*:*:*:*",
"matchCriteriaId": "14152DDC-93C1-4B95-8151-D13BA7E61F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ncipher:nshield:1.77.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DDBC2454-7DFA-464C-B9A3-806D83F4A68A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ncipher:nshield:1.77.93:*:*:*:*:*:*:*",
"matchCriteriaId": "C62A424A-236C-4EDF-8BBB-39178365C6D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ncipher:nshield:1.77.97:*:*:*:*:*:*:*",
"matchCriteriaId": "33124B47-4A08-44E6-BE5D-303570BE0742",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ncipher:nshield:1.79.12:*:*:*:*:*:*:*",
"matchCriteriaId": "E1D491BC-88CF-423A-AF6C-02ABAF1D6684",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ncipher:nshield:1.79.80:*:*:*:*:*:*:*",
"matchCriteriaId": "5518689E-8388-47A4-B602-335EE6DB2D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ncipher:nshield:1.79.81:*:*:*:*:*:*:*",
"matchCriteriaId": "C5650AFD-57AC-4481-8905-0BFDEA96F8FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ncipher:nshield:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6FA1319A-352D-4E60-90D2-03D13010E328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ncipher:nshield:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D3A5387D-8546-4745-A369-A805EF6118DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ncipher:nshield:2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "89FD75A1-7D5E-4BB0-8134-E270A58E2B0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ncipher:nshield:2.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "23ED050D-8C50-44E1-B7EC-51BE8D09E8FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in nCipher Hardware Security Modules (HSM) 1.67.x through 1.99.x allows local users to access secrets stored in the module\u0027s run-time memory via certain sequences of commands."
}
],
"id": "CVE-2004-0320",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-11-23T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=107755899018249\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/4055"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9717"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=107755899018249\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/4055"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9717"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15281"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2002-0941
Vulnerability from fkie_nvd - Published: 2002-10-04 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
The ConsoleCallBack class for nCipher running under JRE 1.4.0 and 1.4.0_01, as used by the TrustedCodeTool and possibly other applications, may leak a passphrase when the user aborts an application that is prompting for the passphrase, which could allow attackers to gain privileges.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ncipher:nforce:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6252FF68-DB64-4BEC-86D9-A8517B0F9D64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ncipher:nshield:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C008CC6B-6F9A-4541-97C5-7ED7C20349C4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ConsoleCallBack class for nCipher running under JRE 1.4.0 and 1.4.0_01, as used by the TrustedCodeTool and possibly other applications, may leak a passphrase when the user aborts an application that is prompting for the passphrase, which could allow attackers to gain privileges."
}
],
"id": "CVE-2002-0941",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-10-04T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-06/0172.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/9354.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-06/0172.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/9354.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5024"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2006-1117 (GCVE-0-2006-1117)
Vulnerability from cvelistv5 – Published: 2006-03-09 11:00 – Updated: 2024-08-07 16:56
VLAI?
Summary
nCipher firmware before V10, as used by (1) nShield, (2) nForce, (3) netHSM, (4) payShield, (5) SecureDB, (6) DSE200 Document Sealing Engine, (7) Time Source Master Clock (TSMC), and possibly other products, contains certain options that were only intended for testing and not production, which might allow remote attackers to obtain information about encryption keys and crack those keys with less effort than brute force.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:56:15.815Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-0862",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0862"
},
{
"name": "20060309 nCipher Advisory #14: Presence of flaws in firmware security",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427151/100/0/threaded"
},
{
"name": "ncipher-firmware-weak-security(25063)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25063"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ncipher.com/resources/97/sa14_presence_of_flaws_in_firmware_security"
},
{
"name": "1015718",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015718"
},
{
"name": "17012",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17012"
},
{
"name": "19137",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19137"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-03-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "nCipher firmware before V10, as used by (1) nShield, (2) nForce, (3) netHSM, (4) payShield, (5) SecureDB, (6) DSE200 Document Sealing Engine, (7) Time Source Master Clock (TSMC), and possibly other products, contains certain options that were only intended for testing and not production, which might allow remote attackers to obtain information about encryption keys and crack those keys with less effort than brute force."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2006-0862",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0862"
},
{
"name": "20060309 nCipher Advisory #14: Presence of flaws in firmware security",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/427151/100/0/threaded"
},
{
"name": "ncipher-firmware-weak-security(25063)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25063"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ncipher.com/resources/97/sa14_presence_of_flaws_in_firmware_security"
},
{
"name": "1015718",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015718"
},
{
"name": "17012",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17012"
},
{
"name": "19137",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19137"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1117",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "nCipher firmware before V10, as used by (1) nShield, (2) nForce, (3) netHSM, (4) payShield, (5) SecureDB, (6) DSE200 Document Sealing Engine, (7) Time Source Master Clock (TSMC), and possibly other products, contains certain options that were only intended for testing and not production, which might allow remote attackers to obtain information about encryption keys and crack those keys with less effort than brute force."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-0862",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0862"
},
{
"name": "20060309 nCipher Advisory #14: Presence of flaws in firmware security",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/427151/100/0/threaded"
},
{
"name": "ncipher-firmware-weak-security(25063)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25063"
},
{
"name": "http://www.ncipher.com/resources/97/sa14_presence_of_flaws_in_firmware_security",
"refsource": "CONFIRM",
"url": "http://www.ncipher.com/resources/97/sa14_presence_of_flaws_in_firmware_security"
},
{
"name": "1015718",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015718"
},
{
"name": "17012",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17012"
},
{
"name": "19137",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19137"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1117",
"datePublished": "2006-03-09T11:00:00",
"dateReserved": "2006-03-09T00:00:00",
"dateUpdated": "2024-08-07T16:56:15.815Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0320 (GCVE-0-2004-0320)
Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 00:17
VLAI?
Summary
Unknown vulnerability in nCipher Hardware Security Modules (HSM) 1.67.x through 1.99.x allows local users to access secrets stored in the module's run-time memory via certain sequences of commands.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:17:14.270Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ncipher-hsm-obtain-info(15281)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15281"
},
{
"name": "9717",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9717"
},
{
"name": "4055",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/4055"
},
{
"name": "20040223 nCipher Advisory #9: Host-side attackers can access secret data",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107755899018249\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-02-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in nCipher Hardware Security Modules (HSM) 1.67.x through 1.99.x allows local users to access secrets stored in the module\u0027s run-time memory via certain sequences of commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-08-18T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ncipher-hsm-obtain-info(15281)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15281"
},
{
"name": "9717",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9717"
},
{
"name": "4055",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/4055"
},
{
"name": "20040223 nCipher Advisory #9: Host-side attackers can access secret data",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107755899018249\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0320",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in nCipher Hardware Security Modules (HSM) 1.67.x through 1.99.x allows local users to access secrets stored in the module\u0027s run-time memory via certain sequences of commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ncipher-hsm-obtain-info(15281)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15281"
},
{
"name": "9717",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9717"
},
{
"name": "4055",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/4055"
},
{
"name": "20040223 nCipher Advisory #9: Host-side attackers can access secret data",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107755899018249\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0320",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2004-03-17T00:00:00",
"dateUpdated": "2024-08-08T00:17:14.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0941 (GCVE-0-2002-0941)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 03:03
VLAI?
Summary
The ConsoleCallBack class for nCipher running under JRE 1.4.0 and 1.4.0_01, as used by the TrustedCodeTool and possibly other applications, may leak a passphrase when the user aborts an application that is prompting for the passphrase, which could allow attackers to gain privileges.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:03:49.366Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ncipher-consolecallback-passphrase-leak(9354)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9354.php"
},
{
"name": "20020617 nCipher Advisory #4: Console Java apps can leak passphrases on Windows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-06/0172.html"
},
{
"name": "5024",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5024"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-06-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ConsoleCallBack class for nCipher running under JRE 1.4.0 and 1.4.0_01, as used by the TrustedCodeTool and possibly other applications, may leak a passphrase when the user aborts an application that is prompting for the passphrase, which could allow attackers to gain privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-09-10T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ncipher-consolecallback-passphrase-leak(9354)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9354.php"
},
{
"name": "20020617 nCipher Advisory #4: Console Java apps can leak passphrases on Windows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-06/0172.html"
},
{
"name": "5024",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5024"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0941",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ConsoleCallBack class for nCipher running under JRE 1.4.0 and 1.4.0_01, as used by the TrustedCodeTool and possibly other applications, may leak a passphrase when the user aborts an application that is prompting for the passphrase, which could allow attackers to gain privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ncipher-consolecallback-passphrase-leak(9354)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9354.php"
},
{
"name": "20020617 nCipher Advisory #4: Console Java apps can leak passphrases on Windows",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-06/0172.html"
},
{
"name": "5024",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5024"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0941",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-08-16T00:00:00",
"dateUpdated": "2024-08-08T03:03:49.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1117 (GCVE-0-2006-1117)
Vulnerability from nvd – Published: 2006-03-09 11:00 – Updated: 2024-08-07 16:56
VLAI?
Summary
nCipher firmware before V10, as used by (1) nShield, (2) nForce, (3) netHSM, (4) payShield, (5) SecureDB, (6) DSE200 Document Sealing Engine, (7) Time Source Master Clock (TSMC), and possibly other products, contains certain options that were only intended for testing and not production, which might allow remote attackers to obtain information about encryption keys and crack those keys with less effort than brute force.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:56:15.815Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-0862",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0862"
},
{
"name": "20060309 nCipher Advisory #14: Presence of flaws in firmware security",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427151/100/0/threaded"
},
{
"name": "ncipher-firmware-weak-security(25063)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25063"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ncipher.com/resources/97/sa14_presence_of_flaws_in_firmware_security"
},
{
"name": "1015718",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015718"
},
{
"name": "17012",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17012"
},
{
"name": "19137",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19137"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-03-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "nCipher firmware before V10, as used by (1) nShield, (2) nForce, (3) netHSM, (4) payShield, (5) SecureDB, (6) DSE200 Document Sealing Engine, (7) Time Source Master Clock (TSMC), and possibly other products, contains certain options that were only intended for testing and not production, which might allow remote attackers to obtain information about encryption keys and crack those keys with less effort than brute force."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2006-0862",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0862"
},
{
"name": "20060309 nCipher Advisory #14: Presence of flaws in firmware security",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/427151/100/0/threaded"
},
{
"name": "ncipher-firmware-weak-security(25063)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25063"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ncipher.com/resources/97/sa14_presence_of_flaws_in_firmware_security"
},
{
"name": "1015718",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015718"
},
{
"name": "17012",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17012"
},
{
"name": "19137",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19137"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1117",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "nCipher firmware before V10, as used by (1) nShield, (2) nForce, (3) netHSM, (4) payShield, (5) SecureDB, (6) DSE200 Document Sealing Engine, (7) Time Source Master Clock (TSMC), and possibly other products, contains certain options that were only intended for testing and not production, which might allow remote attackers to obtain information about encryption keys and crack those keys with less effort than brute force."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-0862",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0862"
},
{
"name": "20060309 nCipher Advisory #14: Presence of flaws in firmware security",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/427151/100/0/threaded"
},
{
"name": "ncipher-firmware-weak-security(25063)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25063"
},
{
"name": "http://www.ncipher.com/resources/97/sa14_presence_of_flaws_in_firmware_security",
"refsource": "CONFIRM",
"url": "http://www.ncipher.com/resources/97/sa14_presence_of_flaws_in_firmware_security"
},
{
"name": "1015718",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015718"
},
{
"name": "17012",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17012"
},
{
"name": "19137",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19137"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1117",
"datePublished": "2006-03-09T11:00:00",
"dateReserved": "2006-03-09T00:00:00",
"dateUpdated": "2024-08-07T16:56:15.815Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0320 (GCVE-0-2004-0320)
Vulnerability from nvd – Published: 2004-09-01 04:00 – Updated: 2024-08-08 00:17
VLAI?
Summary
Unknown vulnerability in nCipher Hardware Security Modules (HSM) 1.67.x through 1.99.x allows local users to access secrets stored in the module's run-time memory via certain sequences of commands.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:17:14.270Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ncipher-hsm-obtain-info(15281)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15281"
},
{
"name": "9717",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9717"
},
{
"name": "4055",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/4055"
},
{
"name": "20040223 nCipher Advisory #9: Host-side attackers can access secret data",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107755899018249\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-02-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in nCipher Hardware Security Modules (HSM) 1.67.x through 1.99.x allows local users to access secrets stored in the module\u0027s run-time memory via certain sequences of commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-08-18T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ncipher-hsm-obtain-info(15281)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15281"
},
{
"name": "9717",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9717"
},
{
"name": "4055",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/4055"
},
{
"name": "20040223 nCipher Advisory #9: Host-side attackers can access secret data",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107755899018249\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0320",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in nCipher Hardware Security Modules (HSM) 1.67.x through 1.99.x allows local users to access secrets stored in the module\u0027s run-time memory via certain sequences of commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ncipher-hsm-obtain-info(15281)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15281"
},
{
"name": "9717",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9717"
},
{
"name": "4055",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/4055"
},
{
"name": "20040223 nCipher Advisory #9: Host-side attackers can access secret data",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107755899018249\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0320",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2004-03-17T00:00:00",
"dateUpdated": "2024-08-08T00:17:14.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0941 (GCVE-0-2002-0941)
Vulnerability from nvd – Published: 2003-04-02 05:00 – Updated: 2024-08-08 03:03
VLAI?
Summary
The ConsoleCallBack class for nCipher running under JRE 1.4.0 and 1.4.0_01, as used by the TrustedCodeTool and possibly other applications, may leak a passphrase when the user aborts an application that is prompting for the passphrase, which could allow attackers to gain privileges.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:03:49.366Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ncipher-consolecallback-passphrase-leak(9354)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9354.php"
},
{
"name": "20020617 nCipher Advisory #4: Console Java apps can leak passphrases on Windows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-06/0172.html"
},
{
"name": "5024",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5024"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-06-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ConsoleCallBack class for nCipher running under JRE 1.4.0 and 1.4.0_01, as used by the TrustedCodeTool and possibly other applications, may leak a passphrase when the user aborts an application that is prompting for the passphrase, which could allow attackers to gain privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-09-10T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ncipher-consolecallback-passphrase-leak(9354)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9354.php"
},
{
"name": "20020617 nCipher Advisory #4: Console Java apps can leak passphrases on Windows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-06/0172.html"
},
{
"name": "5024",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5024"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0941",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ConsoleCallBack class for nCipher running under JRE 1.4.0 and 1.4.0_01, as used by the TrustedCodeTool and possibly other applications, may leak a passphrase when the user aborts an application that is prompting for the passphrase, which could allow attackers to gain privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ncipher-consolecallback-passphrase-leak(9354)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9354.php"
},
{
"name": "20020617 nCipher Advisory #4: Console Java apps can leak passphrases on Windows",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-06/0172.html"
},
{
"name": "5024",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5024"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0941",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-08-16T00:00:00",
"dateUpdated": "2024-08-08T03:03:49.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}