Search
Find a vulnerability
Search criteria
2 vulnerabilities found for ked_password_manager by ked_password_manager_project
CVE-2017-8296 (GCVE-0-2017-8296)
Vulnerability from nvd – Published: 2017-04-27 15:00 – Updated: 2024-08-05 16:34
VLAI
EPSS
VEX
Summary
kedpm 0.5 and 1.0 creates a history file in ~/.kedpm/history that is written in cleartext. All of the commands performed in the password manager are written there. This can lead to the disclosure of the master password if the "password" command is used with an argument. The names of the password entries created and consulted are also accessible in cleartext.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://openwall.com/lists/oss-security/2017/04/26/9 | x_refsource_CONFIRM |
| https://sourceforge.net/p/kedpm/bugs/6/ | x_refsource_MISC |
| https://security.gentoo.org/glsa/201708-04 | vendor-advisoryx_refsource_GENTOO |
| https://bugs.debian.org/cgi-bin/bugreport.cgi?bug… | x_refsource_CONFIRM |
Date Public
2017-04-27 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:34:21.669Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2017/04/26/9"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceforge.net/p/kedpm/bugs/6/"
},
{
"name": "GLSA-201708-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201708-04"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860817"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-04-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "kedpm 0.5 and 1.0 creates a history file in ~/.kedpm/history that is written in cleartext. All of the commands performed in the password manager are written there. This can lead to the disclosure of the master password if the \"password\" command is used with an argument. The names of the password entries created and consulted are also accessible in cleartext."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-21T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://openwall.com/lists/oss-security/2017/04/26/9"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceforge.net/p/kedpm/bugs/6/"
},
{
"name": "GLSA-201708-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201708-04"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860817"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-8296",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "kedpm 0.5 and 1.0 creates a history file in ~/.kedpm/history that is written in cleartext. All of the commands performed in the password manager are written there. This can lead to the disclosure of the master password if the \"password\" command is used with an argument. The names of the password entries created and consulted are also accessible in cleartext."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://openwall.com/lists/oss-security/2017/04/26/9",
"refsource": "CONFIRM",
"url": "http://openwall.com/lists/oss-security/2017/04/26/9"
},
{
"name": "https://sourceforge.net/p/kedpm/bugs/6/",
"refsource": "MISC",
"url": "https://sourceforge.net/p/kedpm/bugs/6/"
},
{
"name": "GLSA-201708-04",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201708-04"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860817",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860817"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-8296",
"datePublished": "2017-04-27T15:00:00.000Z",
"dateReserved": "2017-04-27T00:00:00.000Z",
"dateUpdated": "2024-08-05T16:34:21.669Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-8296 (GCVE-0-2017-8296)
Vulnerability from cvelistv5 – Published: 2017-04-27 15:00 – Updated: 2024-08-05 16:34
VLAI
EPSS
VEX
Summary
kedpm 0.5 and 1.0 creates a history file in ~/.kedpm/history that is written in cleartext. All of the commands performed in the password manager are written there. This can lead to the disclosure of the master password if the "password" command is used with an argument. The names of the password entries created and consulted are also accessible in cleartext.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://openwall.com/lists/oss-security/2017/04/26/9 | x_refsource_CONFIRM |
| https://sourceforge.net/p/kedpm/bugs/6/ | x_refsource_MISC |
| https://security.gentoo.org/glsa/201708-04 | vendor-advisoryx_refsource_GENTOO |
| https://bugs.debian.org/cgi-bin/bugreport.cgi?bug… | x_refsource_CONFIRM |
Date Public
2017-04-27 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:34:21.669Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2017/04/26/9"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceforge.net/p/kedpm/bugs/6/"
},
{
"name": "GLSA-201708-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201708-04"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860817"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-04-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "kedpm 0.5 and 1.0 creates a history file in ~/.kedpm/history that is written in cleartext. All of the commands performed in the password manager are written there. This can lead to the disclosure of the master password if the \"password\" command is used with an argument. The names of the password entries created and consulted are also accessible in cleartext."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-21T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://openwall.com/lists/oss-security/2017/04/26/9"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceforge.net/p/kedpm/bugs/6/"
},
{
"name": "GLSA-201708-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201708-04"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860817"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-8296",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "kedpm 0.5 and 1.0 creates a history file in ~/.kedpm/history that is written in cleartext. All of the commands performed in the password manager are written there. This can lead to the disclosure of the master password if the \"password\" command is used with an argument. The names of the password entries created and consulted are also accessible in cleartext."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://openwall.com/lists/oss-security/2017/04/26/9",
"refsource": "CONFIRM",
"url": "http://openwall.com/lists/oss-security/2017/04/26/9"
},
{
"name": "https://sourceforge.net/p/kedpm/bugs/6/",
"refsource": "MISC",
"url": "https://sourceforge.net/p/kedpm/bugs/6/"
},
{
"name": "GLSA-201708-04",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201708-04"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860817",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860817"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-8296",
"datePublished": "2017-04-27T15:00:00.000Z",
"dateReserved": "2017-04-27T00:00:00.000Z",
"dateUpdated": "2024-08-05T16:34:21.669Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}