First published: Fri Sep 17 2010(Updated: )
SSL_Cipher.cpp in EncFS before 1.7.0 uses an improper combination of an AES cipher and a CBC cipher mode for encrypted filesystems, which allows local users to obtain sensitive information via a watermark attack.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Arg0 Encfs | =1.4.0 | |
Arg0 Encfs | <=1.6.0 | |
Arg0 Encfs | =1.4.2 | |
Arg0 Encfs | =1.4.1 | |
Arg0 Encfs | =1.5.0 | |
Arg0 Encfs | =1.4.1.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.