N/A

PasswordSafe 3.0 beta, when running on Windows before XP, uses a weak random number generator (C++ rand function) during generation of the database encryption key, which makes it easier for attackers to decrypt the database and steal passwords by generating keys for all possible rand() seed values and conducting a known plaintext attack.

N/A

N/A

Counterpane Password Safe不安全随机数发生漏洞

PasswordSafe 3.0 beta，当运行于Windows XP之前版本上时，在数据库加密密钥生成期间，使用一个弱随机数生成器(C++ rand函数) ，从而攻击者可通过以下途径解密数据库和窃取口令：采用各种可能的rand()种子值生成密码和实施一个已知plaintext攻击。

N/A

N/A