DescriptionSSL_Cipher.cpp in EncFS before 1.7.0 uses an improper combination of an AES cipher and a CBC cipher mode for encrypted filesystems, which allows local users to obtain sensitive information via a watermark attack.
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
SUSE Security Advisories:
- SUSE-SR:2010:023, published Wed, 08 Dec 2010 14:00:00 +0000
- openSUSE-SU-2010:1028-1, published Mon, 6 Dec 2010 22:08:16 +0100 (CET)
SUSE Timeline for this CVECVE page created: Fri Jun 28 07:41:58 2013
CVE page last modified: Fri Oct 7 12:45:57 2022