CVE-2010-3075
published 2010-09-17CVE-2010-3075: EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher mode with the same initialization vector, which makes it easier for local users to…
PriorityP421medium5CVSS 2.0
AVNACLAuNCPINAN
EPSS
2.06%
79.0th percentile
EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher mode with the same initialization vector, which makes it easier for local users to obtain sensitive information via calculations involving recovery of XORed data, as demonstrated by an attack on encrypted data in which the last block contains only one byte.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| arg0 | encfs | <= 1.6.0 | — |
| arg0 | encfs | — | — |
| arg0 | encfs | — | — |
| arg0 | encfs | — | — |
| arg0 | encfs | — | — |
| arg0 | encfs | — | — |
| arg0 | encfs | >= 0 < 1.7.2-1 | 1.7.2-1 |
| arg0 | encfs | >= 0 < 1.7.2-1 | 1.7.2-1 |
| arg0 | encfs | >= 0 < 1.7.2-1 | 1.7.2-1 |
| debian | encfs | < encfs 1.7.2-1 (bookworm) | encfs 1.7.2-1 (bookworm) |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
osv5.0MEDIUM
vendor_debian5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2010-3075: encfs - EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher mode with...
vendor_debian·2010·CVSS 5.0
CVE-2010-3075 [MEDIUM] CVE-2010-3075: encfs - EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher mode with...
EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher mode with the same initialization vector, which makes it easier for local users to obtain sensitive information via calculations involving recovery of XORed data, as demonstrated by an attack on encrypted data in which the last block contains only one byte.
Scope: local
bookworm: resolved (fixed in 1.7.2-1)
bullseye: resolved (fixed in 1.7.2-1)
sid: resolved (fixed in 1.7.2-1)
trixie: resolved (fixed in 1.7.2-1)
GHSA
GHSA-c4xf-64jj-vrh2: EncFS before 1
ghsa_unreviewed·2022-05-17
CVE-2010-3075 [MEDIUM] GHSA-c4xf-64jj-vrh2: EncFS before 1
EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher mode with the same initialization vector, which makes it easier for local users to obtain sensitive information via calculations involving recovery of XORed data, as demonstrated by an attack on encrypted data in which the last block contains only one byte.
OSV
CVE-2010-3075: EncFS before 1
osv·2010-09-17·CVSS 5.0
CVE-2010-3075 [MEDIUM] CVE-2010-3075: EncFS before 1
EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher mode with the same initialization vector, which makes it easier for local users to obtain sensitive information via calculations involving recovery of XORed data, as demonstrated by an attack on encrypted data in which the last block contains only one byte.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2010-3073 CVE-2010-3074 CVE-2010-3075 fuse-encfs: EncFS: Multiple flaws
bugzilla·2010-09-05·CVSS 2.1
CVE-2010-3073 [LOW] CVE-2010-3073 CVE-2010-3074 CVE-2010-3075 fuse-encfs: EncFS: Multiple flaws
CVE-2010-3073 CVE-2010-3074 CVE-2010-3075 fuse-encfs: EncFS: Multiple flaws
Micha Riser reported:
[A] http://archives.neohapsis.com/archives/fulldisclosure/2010-08/0316.html
three security flaws in EncFS encrypted filesystem (more from [A]):
A security analysis of EncFS has revealed multiple vulnerabilities:
(1) Only 32 bit of file IV used
(2) Watermarking attack
(3) Last block with single byte is insecure
References:
[B] http://www.arg0.net/encfs
[C] http://bugs.gentoo.org/show_bug.cgi?id=335938
[D] http://archives.neohapsis.com/archives/fulldisclosure/2010-08/att-0316/watermark-attack-encfs.tar.gz
Solutions / patches information:
* for issue (1) -- seems it wasn't fixed / isn't possible to
fix without breaking backward compatibility. More from [B]:
"The old IV setup is kept for ba
Bugzilla
CVE-2010-2481 libtiff: TIFFExtractData out-of-bounds read crash
bugzilla·2010-07-06·CVSS 4.3
CVE-2010-2481 [MEDIUM] CVE-2010-2481 libtiff: TIFFExtractData out-of-bounds read crash
CVE-2010-2481 libtiff: TIFFExtractData out-of-bounds read crash
The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly
handle unknown tag types in TIFF directory entries, which allows
remote attackers to cause a denial of service (out-of-bounds read and
application crash) via a crafted TIFF file.
References:
http://thread.gmane.org/gmane.comp.security.oss.general/3075/focus=3097
http://bugzilla.maptools.org/show_bug.cgi?id=2210
Discussion:
According to Dan Rosenberg's report, this was originally reported to iDefense. Dan did not publish too much details about this issue, as it's addressed by Tom's patch from upstream bug report #2210.
---
This issue has been addressed in following products:
Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 5
Via RHSA-2010:0519 https:
http://archives.neohapsis.com/archives/fulldisclosure/2010-08/0316.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-September/047794.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-September/047798.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-September/047825.htmlhttp://secunia.com/advisories/41158http://secunia.com/advisories/41478http://www.arg0.net/encfshttp://www.openwall.com/lists/oss-security/2010/09/05/3http://www.openwall.com/lists/oss-security/2010/09/06/1http://www.openwall.com/lists/oss-security/2010/09/07/8http://www.vupen.com/english/advisories/2010/2414https://bugzilla.redhat.com/show_bug.cgi?id=630460http://archives.neohapsis.com/archives/fulldisclosure/2010-08/0316.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-September/047794.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-September/047798.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-September/047825.htmlhttp://secunia.com/advisories/41158http://secunia.com/advisories/41478http://www.arg0.net/encfshttp://www.openwall.com/lists/oss-security/2010/09/05/3http://www.openwall.com/lists/oss-security/2010/09/06/1http://www.openwall.com/lists/oss-security/2010/09/07/8http://www.vupen.com/english/advisories/2010/2414https://bugzilla.redhat.com/show_bug.cgi?id=630460
2010-09-17
Published