Vulnerabilities > CVE-2001-1436 - Unspecified vulnerability in Dallas Semiconductor Ibutton Ds1991

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

dallas-semiconductor

NVD

Published: 2001-01-18

Updated: 2017-07-11

Summary

Dallas Semiconductor iButton DS1991 returns predictable values when given an incorrect password, which makes it easier for users with physical access to conduct dictionary attacks against the device password. New version DS1963S corrects problem.

Vulnerable Configurations

Part	Description	Count
Hardware	Dallas_Semiconductor Dallas Semiconductor Ibutton Ds1991	1

References

http://www.atstake.com/research/advisories/2001/a011801-1.txt
http://www.kb.cert.org/vuls/id/178560
https://exchange.xforce.ibmcloud.com/vulnerabilities/10625