PGP 7.0 Split Key Vulnerability: Unauthorized Key Access via Passphrase Capture
CVE-2001-0435 · MEDIUM Severity
AV:L/AC:L/AU:N/C:P/I:P/A:P
The split key mechanism used by PGP 7.0 allows a key share holder to obtain access to the entire key by setting the "Cache passphrase while logged on" option and capturing the passphrases of other share holders as they authenticate.
Learn more about our Web Application Penetration Testing UK.