Arg0 : Security Vulnerabilities, CVEs,

CVE-2010-3075

EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher mode with the same initialization vector, which makes it easier for local users to obtain sensitive information via calculations involving recovery of XORed data, as demonstrated by an attack on encrypted data in which the last block contains only one byte.
Max CVSS
5.0
EPSS Score
0.04%
Published
2010-09-17
Updated
2010-09-20

CVE-2010-3074

SSL_Cipher.cpp in EncFS before 1.7.0 uses an improper combination of an AES cipher and a CBC cipher mode for encrypted filesystems, which allows local users to obtain sensitive information via a watermark attack.
Max CVSS
2.1
EPSS Score
0.04%
Published
2010-09-17
Updated
2011-01-14

CVE-2010-3073

SSL_Cipher.cpp in EncFS before 1.7.0 does not properly handle integer data sizes when constructing headers intended for randomization of initialization vectors, which makes it easier for local users to obtain sensitive information by defeating cryptographic protection mechanisms.
Max CVSS
2.1
EPSS Score
0.04%
Published
2010-09-17
Updated
2011-01-14
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close