eCryptfs 104 and earlier uses a default salt to encrypt the mount passphrase, which makes it easier for attackers to obtain user passwords via a brute force attack.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N
Vendors Products
Ecryptfs
  • Ecryptfs-utils

Configuration 1 [-]

cpe:2.3:a:ecryptfs:ecryptfs-utils:*:*:*:*:*:*:*:*
References
Link Resource
http://lists.opensuse.org/opensuse-updates/2016-01/msg00118.html
http://www.openwall.com/lists/oss-security/2015/02/10/16
http://www.openwall.com/lists/oss-security/2015/02/17/7
http://www.openwall.com/lists/oss-security/2015/02/28/3
http://www.ubuntu.com/usn/USN-2524-1 Vendor Advisory
https://bugs.launchpad.net/ecryptfs/+bug/906550 Exploit
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2015-03-16T14:00:00

Updated: 2016-12-02T20:57:01

Reserved: 2015-02-27T00:00:00

Link: CVE-2014-9687

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2015-03-16T14:59:00.067

Modified: 2016-12-06T02:59:27.990

Link: CVE-2014-9687

JSON object: View

cve-icon Redhat Information

No data.

CWE