CVE-2004-2721

The CheckGroup function in openSkat VTMF before 2.1 generates public key pairs in which the "p" variable might not be prime, which allows remote attackers to determine the private key and decrypt messages.

CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://freshmeat.net/projects/openskat/?branch_id=36295&release_id=178549	Patch
http://securitytracker.com/id?1012181
http://www.osvdb.org/11652
http://www.securityfocus.com/bid/11667	Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/18049
http://freshmeat.net/projects/openskat/?branch_id=36295&release_id=178549	Patch
http://securitytracker.com/id?1012181
http://www.osvdb.org/11652
http://www.securityfocus.com/bid/11667	Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/18049

Configurations

Configuration 1 (hide)

cpe:2.3:a:heiko_stamer:openskat:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2004-12-31 05:00

Updated : 2025-04-03 01:03

NVD link : CVE-2004-2721

Mitre link : CVE-2004-2721

CVE.ORG link : CVE-2004-2721

JSON object : View

Products Affected

heiko_stamer

openskat

CWE

CWE-310

Cryptographic Issues

{"id": "CVE-2004-2721", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2004-12-31T05:00:00.000", "references": [{"url": "http://freshmeat.net/projects/openskat/?branch_id=36295&release_id=178549", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1012181", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/11652", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/11667", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18049", "source": "cve@mitre.org"}, {"url": "http://freshmeat.net/projects/openskat/?branch_id=36295&release_id=178549", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1012181", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.osvdb.org/11652", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/11667", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18049", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-310"}]}], "descriptions": [{"lang": "en", "value": "The CheckGroup function in openSkat VTMF before 2.1 generates public key pairs in which the \"p\" variable might not be prime, which allows remote attackers to determine the private key and decrypt messages."}], "lastModified": "2025-04-03T01:03:51.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:heiko_stamer:openskat:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3DA1A0B5-4B35-4953-84B4-A8E315707AEF", "versionEndIncluding": "2.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}