Insecure Key Generation in openSkat VTMF Allows Private Key Extraction

Insecure Key Generation in openSkat VTMF Allows Private Key Extraction

CVE-2004-2721 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

The CheckGroup function in openSkat VTMF before 2.1 generates public key pairs in which the "p" variable might not be prime, which allows remote attackers to determine the private key and decrypt messages.

Learn more about our Web Application Penetration Testing UK.