Research Triangle Software: Security Vulnerabilities
RTS CryptoBuddy 1.2 and earlier truncates long passphrases without warning the user, which may make it easier to conduct certain brute force guessing attacks.
CVSS Score
7.5
EPSS Score
0.003
Published
2003-12-31
RTS CryptoBuddy 1.2 and earlier stores bytes 53 through 55 of a 55-byte passphrase in plaintext, which makes it easier for local users to guess the passphrase.
CVSS Score
7.5
EPSS Score
0.003
Published
2003-12-31
RTS CryptoBuddy 1.0 and 1.2 uses a weak encryption algorithm for the passphrase and generates predictable keys, which makes it easier for attackers to guess the passphrase.
CVSS Score
7.5
EPSS Score
0.002
Published
2003-12-31
CryptoBuddy 1.0 and 1.2 does not use the user-supplied passphrase to encrypt data, which could allow local users to use their own passphrase to decrypt the data.
CVSS Score
6.6
EPSS Score
0.008
Published
2003-12-31