{"vuid":"VU#178560","idnumber":"178560","name":"Dallas Semiconductor iButton DS1991 vulnerable to dictionary attack","keywords":["Dallas Semiconductor","iButton","DS1991"],"overview":"The Dallas Semiconductor iButton DS1991 is vulnerable to a dictionary attack, allowing an intruder to recover passwords.","clean_desc":"The Dallas Semiconductor iButton DS1911 stores 1 kilobyte of data in 3 separate password-protected areas. It includes functionality intended to prevent passwords guessing, but is vulnerable to dictionary attacks. For more information, see the advisory published by @stake Research Labs, available at http://www.atstake.com/research/advisories/2001/a011801-1.txt","impact":"Intruders can use a dictionary attack to recover passwords.","resolution":"Use passwords not found in any dictionary of any language, rewrite your application, or upgrade to the DS1963S.","workarounds":"","sysaffected":"","thanks":"Our thanks to @stake Research Labs for the information contained in their \nadvisory.","author":"This document was written by Shawn V. Hernan.","public":["http://www.atstake.com/research/advisories/index.html#011801-1","http://www.atstake.com/research/advisories/2001/a011801-1.txt"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2001-01-23T01:03:12Z","publicdate":"2001-01-18T00:00:00Z","datefirstpublished":"2001-05-06T04:41:03Z","dateupdated":"2001-06-21T04:26:50Z","revision":8,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"20","cam_exploitation":"0","cam_internetinfrastructure":"3","cam_population":"15","cam_impact":"15","cam_easeofexploitation":"10","cam_attackeraccessrequired":"9","cam_scorecurrent":"8.7328125","cam_scorecurrentwidelyknown":"8.7328125","cam_scorecurrentwidelyknownexploited":"16.3265625","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":8.7328125,"vulnote":null}