Vulnerability Details CVE-2014-9687
eCryptfs 104 and earlier uses a default salt to encrypt the mount passphrase, which makes it easier for attackers to obtain user passwords via a brute force attack.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.0%
CVSS Severity
CVSS v2 Score 5.0
References
- http://lists.opensuse.org/opensuse-updates/2016-01/msg00118.html
- http://www.openwall.com/lists/oss-security/2015/02/10/16
- http://www.openwall.com/lists/oss-security/2015/02/17/7
- http://www.openwall.com/lists/oss-security/2015/02/28/3
- http://www.ubuntu.com/usn/USN-2524-1
- https://bugs.launchpad.net/ecryptfs/+bug/906550
- http://lists.opensuse.org/opensuse-updates/2016-01/msg00118.html
- http://www.openwall.com/lists/oss-security/2015/02/10/16
- http://www.openwall.com/lists/oss-security/2015/02/17/7
- http://www.openwall.com/lists/oss-security/2015/02/28/3
- http://www.ubuntu.com/usn/USN-2524-1
- https://bugs.launchpad.net/ecryptfs/+bug/906550
Products affected by CVE-2014-9687
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:-
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:100
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:101
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:102
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:103
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:104
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:58
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:60
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:61
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:62
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:63
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:64
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:65
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:66
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:67
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:68
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:69
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:70
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:71
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:72
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:73
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:74
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:75
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:76
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:77
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:78
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:79
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:80
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:81
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:82
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:83
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:84
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:85
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:86
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:87
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:89
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:90
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:91
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:92
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:93
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:94
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:95
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:97
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:99