Bugtraq mailing list archives

Re: PasswordSafe 3.0 weak random number generator allows key recovery attack

From: ronys () users sf net
Date: 24 Mar 2006 07:03:30 -0000

Hi,

- As has been pointed out, this is a BETA release, so it's a bit, er, inelegant to describe this as a flaw in 3.0. 
Guess I'll have to bump the release number when we fix this...

- At least this is an implementation flaw, as opposed to the format design flaw that the good folks at ElcomSoft found 
last time...

  Cheers,

        Rony

Current thread:

PasswordSafe 3.0 weak random number generator allows key recovery attack info (Mar 23)
- Re: PasswordSafe 3.0 weak random number generator allows key recovery attack Dave Korn (Mar 23)
- <Possible follow-ups>
- Re: PasswordSafe 3.0 weak random number generator allows key recovery attack ronys (Mar 27)