CVE-2005-3801 Information

Description

CounterPane PasswordSafe 1.x and 2.x allows local users to test possible encryption keys against a subset of the stored key data without performing the more expensive key derivation function (KDF) function which reduces the search time in brute force attacks.

Reference

http://marc.info/?l=bugtraq&m=113217074200452&w=2 http://securityreason.com/securityalert/190 http://www.osvdb.org/21244 http://www.securityfocus.com/bid/15455