Computer Security
[EN] securityvulns.ru no-pyccku


Osirix information leakage
Published:09.12.2013
Source:
SecurityVulns ID:13449
Type:local
Threat Level:
4/10
Description:Secret key is copied into file.
Affected:OSIRIX : Osirix 5.7
CVE:CVE-2013-4425 (The DICOM listener in OsiriX before 5.8 and before 2.5-MD, when starting up, encrypts the TLS private key file using "SuperSecretPassword" as the hardcoded password, which allows local users to obtain the private key.)
Original documentdocumentDirk-Willem van Gulik, CVE-2013-4425: Private key disclosure, Osirix (lite, 64bit and FDA cleader version) (Medical Application) (09.12.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod