PGP 7.0 Split Key Vulnerability: Unauthorized Key Access via Passphrase Capture

PGP 7.0 Split Key Vulnerability: Unauthorized Key Access via Passphrase Capture

CVE-2001-0435 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

The split key mechanism used by PGP 7.0 allows a key share holder to obtain access to the entire key by setting the "Cache passphrase while logged on" option and capturing the passphrases of other share holders as they authenticate.

Learn more about our Web Application Penetration Testing UK.