SafeWord e.Id Trivial PIN Brute-Force Vulnerability
BID:2105
Info
SafeWord e.Id Trivial PIN Brute-Force Vulnerability
| Bugtraq ID: | 2105 |
| Class: | Design Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Dec 14 2000 12:00AM |
| Updated: | Mar 19 2015 09:10AM |
| Credit: | This vulnerability was disclosed by @Stake, Inc. |
| Vulnerable: |
Securecomputing e.iD Authenticator for Palm 2.0 |
| Not Vulnerable: | |
Exploit / POC
SafeWord e.Id Trivial PIN Brute-Force Vulnerability
@Stake has made available in source code and executable form a tool that will extract and extract via brute force the PIN number from a "sceiddb.pdb" file. It can be found at: http://www.atstake.com/research/advisories/2000/eidextract.zip
@Stake has made available in source code and executable form a tool that will extract and extract via brute force the PIN number from a "sceiddb.pdb" file. It can be found at: http://www.atstake.com/research/advisories/2000/eidextract.zip
References
SafeWord e.Id Trivial PIN Brute-Force Vulnerability
References:
References: