Search criteria
9 vulnerabilities found for datatraveler_blackbox by kingston
FKIE_CVE-2010-0221
Vulnerability from fkie_nvd - Published: 2010-01-07 19:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives validate passwords with a program running on the host computer rather than the device hardware, which allows physically proximate attackers to access the cleartext drive contents via a modified program.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kingston | datatraveler_blackbox | * | |
| kingston | datatraveler_elite | * | |
| kingston | datatraveler_secure | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:kingston:datatraveler_blackbox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EBB91653-9096-47B8-9238-3F11F70979F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:kingston:datatraveler_elite:*:*:privacy:*:*:*:*:*",
"matchCriteriaId": "6EC727F1-07ED-4FA1-B7F9-3F0499ABE62A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:kingston:datatraveler_secure:*:*:privacy:*:*:*:*:*",
"matchCriteriaId": "6B7C3258-1FD3-490C-85A3-42EA85AB2664",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives validate passwords with a program running on the host computer rather than the device hardware, which allows physically proximate attackers to access the cleartext drive contents via a modified program."
},
{
"lang": "es",
"value": "Los dispositivos USB Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) validan las contrase\u00f1as con un programa que se ejecuta en el ordenador anfitri\u00f3n y no en el propio dispositivo, lo que permite a atacantes cercanos f\u00edsicamente, acceder a los contenidos del dispositivo mediante un programa modificado."
}
],
"id": "CVE-2010-0221",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-01-07T19:30:00.463",
"references": [
{
"source": "cve@mitre.org",
"url": "http://blogs.zdnet.com/hardware/?p=6655"
},
{
"source": "cve@mitre.org",
"url": "http://it.slashdot.org/story/10/01/05/1734242/"
},
{
"source": "cve@mitre.org",
"url": "http://news.zdnet.co.uk/security/0%2C1000000189%2C39963327%2C00.htm"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1023410"
},
{
"source": "cve@mitre.org",
"url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.kingston.com/driveupdate/"
},
{
"source": "cve@mitre.org",
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf"
},
{
"source": "cve@mitre.org",
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews%5Btt_news%5D=528\u0026cHash=8d16fa63d9"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0080"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55477"
},
{
"source": "cve@mitre.org",
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blogs.zdnet.com/hardware/?p=6655"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://it.slashdot.org/story/10/01/05/1734242/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://news.zdnet.co.uk/security/0%2C1000000189%2C39963327%2C00.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1023410"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.kingston.com/driveupdate/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews%5Btt_news%5D=528\u0026cHash=8d16fa63d9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55477"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-0222
Vulnerability from fkie_nvd - Published: 2010-01-07 19:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kingston | datatraveler_blackbox | * | |
| kingston | datatraveler_elite | * | |
| kingston | datatraveler_secure | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:kingston:datatraveler_blackbox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EBB91653-9096-47B8-9238-3F11F70979F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:kingston:datatraveler_elite:*:*:privacy:*:*:*:*:*",
"matchCriteriaId": "6EC727F1-07ED-4FA1-B7F9-3F0499ABE62A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:kingston:datatraveler_secure:*:*:privacy:*:*:*:*:*",
"matchCriteriaId": "6B7C3258-1FD3-490C-85A3-42EA85AB2664",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key."
},
{
"lang": "es",
"value": "Los dispositivos USB Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), y DataTraveler Elite Privacy Edition (DTEP), emplean una clave de 256 bit para obtener acceso a los contenidos del dispositivo, lo que facilita a atacantes cercanos f\u00edsicamente, leer o modificar los datos empleando esta clave."
}
],
"id": "CVE-2010-0222",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-01-07T19:30:00.497",
"references": [
{
"source": "cve@mitre.org",
"url": "http://blogs.zdnet.com/hardware/?p=6655"
},
{
"source": "cve@mitre.org",
"url": "http://it.slashdot.org/story/10/01/05/1734242/"
},
{
"source": "cve@mitre.org",
"url": "http://news.zdnet.co.uk/security/0%2C1000000189%2C39963327%2C00.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.kingston.com/driveupdate/"
},
{
"source": "cve@mitre.org",
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf"
},
{
"source": "cve@mitre.org",
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews%5Btt_news%5D=528\u0026cHash=8d16fa63d9"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2010/0080"
},
{
"source": "cve@mitre.org",
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blogs.zdnet.com/hardware/?p=6655"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://it.slashdot.org/story/10/01/05/1734242/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://news.zdnet.co.uk/security/0%2C1000000189%2C39963327%2C00.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.kingston.com/driveupdate/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews%5Btt_news%5D=528\u0026cHash=8d16fa63d9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/0080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-0223
Vulnerability from fkie_nvd - Published: 2010-01-07 19:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives do not prevent password replay attacks, which allows physically proximate attackers to access the cleartext drive contents by providing a key that was captured in a USB data stream at an earlier time.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kingston | datatraveler_blackbox | * | |
| kingston | datatraveler_elite | * | |
| kingston | datatraveler_secure | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:kingston:datatraveler_blackbox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EBB91653-9096-47B8-9238-3F11F70979F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:kingston:datatraveler_elite:*:*:privacy:*:*:*:*:*",
"matchCriteriaId": "6EC727F1-07ED-4FA1-B7F9-3F0499ABE62A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:kingston:datatraveler_secure:*:*:privacy:*:*:*:*:*",
"matchCriteriaId": "6B7C3258-1FD3-490C-85A3-42EA85AB2664",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives do not prevent password replay attacks, which allows physically proximate attackers to access the cleartext drive contents by providing a key that was captured in a USB data stream at an earlier time."
},
{
"lang": "es",
"value": "Los dispositivos flash USB Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), y DataTraveler Elite Privacy Edition (DTEP) no previenen los ataques de repetici\u00f3n de contrase\u00f1a, lo que permite a atacantes f\u00edsicamente pr\u00f3ximos acceder al contenido del dispositivo en texto plano proporcionando una clave que fue capturada en un flujo de datos UBS una vez anterior."
}
],
"id": "CVE-2010-0223",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-01-07T19:30:00.543",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.kingston.com/driveupdate/"
},
{
"source": "cve@mitre.org",
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf"
},
{
"source": "cve@mitre.org",
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews%5Btt_news%5D=528\u0026cHash=8d16fa63d9"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2010/0080"
},
{
"source": "cve@mitre.org",
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.kingston.com/driveupdate/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews%5Btt_news%5D=528\u0026cHash=8d16fa63d9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/0080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2010-0223 (GCVE-0-2010-0223)
Vulnerability from cvelistv5 – Published: 2010-01-07 19:00 – Updated: 2024-08-07 00:45
VLAI?
Summary
Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives do not prevent password replay attacks, which allows physically proximate attackers to access the cleartext drive contents by providing a key that was captured in a USB data stream at an earlier time.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:11.056Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.kingston.com/driveupdate/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews%5Btt_news%5D=528\u0026cHash=8d16fa63d9"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf"
},
{
"name": "ADV-2010-0080",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0080"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-01-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives do not prevent password replay attacks, which allows physically proximate attackers to access the cleartext drive contents by providing a key that was captured in a USB data stream at an earlier time."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-03-26T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.kingston.com/driveupdate/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews%5Btt_news%5D=528\u0026cHash=8d16fa63d9"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf"
},
{
"name": "ADV-2010-0080",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0080"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0223",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives do not prevent password replay attacks, which allows physically proximate attackers to access the cleartext drive contents by providing a key that was captured in a USB data stream at an earlier time."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.kingston.com/driveupdate/",
"refsource": "MISC",
"url": "http://www.kingston.com/driveupdate/"
},
{
"name": "http://www.syss.de/index.php?id=108\u0026tx_ttnews[tt_news]=528\u0026cHash=8d16fa63d9",
"refsource": "MISC",
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews[tt_news]=528\u0026cHash=8d16fa63d9"
},
{
"name": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf",
"refsource": "MISC",
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf"
},
{
"name": "ADV-2010-0080",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0080"
},
{
"name": "https://www.ironkey.com/usb-flash-drive-flaw-exposed",
"refsource": "MISC",
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0223",
"datePublished": "2010-01-07T19:00:00",
"dateReserved": "2010-01-07T00:00:00",
"dateUpdated": "2024-08-07T00:45:11.056Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0222 (GCVE-0-2010-0222)
Vulnerability from cvelistv5 – Published: 2010-01-07 19:00 – Updated: 2024-08-07 00:45
VLAI?
Summary
Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:10.665Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.kingston.com/driveupdate/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews%5Btt_news%5D=528\u0026cHash=8d16fa63d9"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://it.slashdot.org/story/10/01/05/1734242/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://news.zdnet.co.uk/security/0%2C1000000189%2C39963327%2C00.htm"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.zdnet.com/hardware/?p=6655"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf"
},
{
"name": "ADV-2010-0080",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0080"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-01-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-03-26T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.kingston.com/driveupdate/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews%5Btt_news%5D=528\u0026cHash=8d16fa63d9"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://it.slashdot.org/story/10/01/05/1734242/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://news.zdnet.co.uk/security/0%2C1000000189%2C39963327%2C00.htm"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.zdnet.com/hardware/?p=6655"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf"
},
{
"name": "ADV-2010-0080",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0080"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0222",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.kingston.com/driveupdate/",
"refsource": "MISC",
"url": "http://www.kingston.com/driveupdate/"
},
{
"name": "http://www.syss.de/index.php?id=108\u0026tx_ttnews[tt_news]=528\u0026cHash=8d16fa63d9",
"refsource": "MISC",
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews[tt_news]=528\u0026cHash=8d16fa63d9"
},
{
"name": "http://it.slashdot.org/story/10/01/05/1734242/",
"refsource": "MISC",
"url": "http://it.slashdot.org/story/10/01/05/1734242/"
},
{
"name": "http://news.zdnet.co.uk/security/0,1000000189,39963327,00.htm",
"refsource": "MISC",
"url": "http://news.zdnet.co.uk/security/0,1000000189,39963327,00.htm"
},
{
"name": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html",
"refsource": "MISC",
"url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"
},
{
"name": "http://blogs.zdnet.com/hardware/?p=6655",
"refsource": "MISC",
"url": "http://blogs.zdnet.com/hardware/?p=6655"
},
{
"name": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf",
"refsource": "MISC",
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf"
},
{
"name": "ADV-2010-0080",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0080"
},
{
"name": "https://www.ironkey.com/usb-flash-drive-flaw-exposed",
"refsource": "MISC",
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0222",
"datePublished": "2010-01-07T19:00:00",
"dateReserved": "2010-01-07T00:00:00",
"dateUpdated": "2024-08-07T00:45:10.665Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0221 (GCVE-0-2010-0221)
Vulnerability from cvelistv5 – Published: 2010-01-07 19:00 – Updated: 2024-08-07 00:45
VLAI?
Summary
Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives validate passwords with a program running on the host computer rather than the device hardware, which allows physically proximate attackers to access the cleartext drive contents via a modified program.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:10.630Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.kingston.com/driveupdate/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews%5Btt_news%5D=528\u0026cHash=8d16fa63d9"
},
{
"name": "1023410",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023410"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://it.slashdot.org/story/10/01/05/1734242/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://news.zdnet.co.uk/security/0%2C1000000189%2C39963327%2C00.htm"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.zdnet.com/hardware/?p=6655"
},
{
"name": "kingston-access-control-sec-bypass(55477)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55477"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf"
},
{
"name": "ADV-2010-0080",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0080"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-01-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives validate passwords with a program running on the host computer rather than the device hardware, which allows physically proximate attackers to access the cleartext drive contents via a modified program."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.kingston.com/driveupdate/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews%5Btt_news%5D=528\u0026cHash=8d16fa63d9"
},
{
"name": "1023410",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1023410"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://it.slashdot.org/story/10/01/05/1734242/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://news.zdnet.co.uk/security/0%2C1000000189%2C39963327%2C00.htm"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.zdnet.com/hardware/?p=6655"
},
{
"name": "kingston-access-control-sec-bypass(55477)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55477"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf"
},
{
"name": "ADV-2010-0080",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0080"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0221",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives validate passwords with a program running on the host computer rather than the device hardware, which allows physically proximate attackers to access the cleartext drive contents via a modified program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.kingston.com/driveupdate/",
"refsource": "MISC",
"url": "http://www.kingston.com/driveupdate/"
},
{
"name": "http://www.syss.de/index.php?id=108\u0026tx_ttnews[tt_news]=528\u0026cHash=8d16fa63d9",
"refsource": "MISC",
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews[tt_news]=528\u0026cHash=8d16fa63d9"
},
{
"name": "1023410",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023410"
},
{
"name": "http://it.slashdot.org/story/10/01/05/1734242/",
"refsource": "MISC",
"url": "http://it.slashdot.org/story/10/01/05/1734242/"
},
{
"name": "http://news.zdnet.co.uk/security/0,1000000189,39963327,00.htm",
"refsource": "MISC",
"url": "http://news.zdnet.co.uk/security/0,1000000189,39963327,00.htm"
},
{
"name": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html",
"refsource": "MISC",
"url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"
},
{
"name": "http://blogs.zdnet.com/hardware/?p=6655",
"refsource": "MISC",
"url": "http://blogs.zdnet.com/hardware/?p=6655"
},
{
"name": "kingston-access-control-sec-bypass(55477)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55477"
},
{
"name": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf",
"refsource": "MISC",
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf"
},
{
"name": "ADV-2010-0080",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0080"
},
{
"name": "https://www.ironkey.com/usb-flash-drive-flaw-exposed",
"refsource": "MISC",
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0221",
"datePublished": "2010-01-07T19:00:00",
"dateReserved": "2010-01-07T00:00:00",
"dateUpdated": "2024-08-07T00:45:10.630Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0223 (GCVE-0-2010-0223)
Vulnerability from nvd – Published: 2010-01-07 19:00 – Updated: 2024-08-07 00:45
VLAI?
Summary
Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives do not prevent password replay attacks, which allows physically proximate attackers to access the cleartext drive contents by providing a key that was captured in a USB data stream at an earlier time.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:11.056Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.kingston.com/driveupdate/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews%5Btt_news%5D=528\u0026cHash=8d16fa63d9"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf"
},
{
"name": "ADV-2010-0080",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0080"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-01-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives do not prevent password replay attacks, which allows physically proximate attackers to access the cleartext drive contents by providing a key that was captured in a USB data stream at an earlier time."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-03-26T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.kingston.com/driveupdate/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews%5Btt_news%5D=528\u0026cHash=8d16fa63d9"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf"
},
{
"name": "ADV-2010-0080",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0080"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0223",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives do not prevent password replay attacks, which allows physically proximate attackers to access the cleartext drive contents by providing a key that was captured in a USB data stream at an earlier time."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.kingston.com/driveupdate/",
"refsource": "MISC",
"url": "http://www.kingston.com/driveupdate/"
},
{
"name": "http://www.syss.de/index.php?id=108\u0026tx_ttnews[tt_news]=528\u0026cHash=8d16fa63d9",
"refsource": "MISC",
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews[tt_news]=528\u0026cHash=8d16fa63d9"
},
{
"name": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf",
"refsource": "MISC",
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf"
},
{
"name": "ADV-2010-0080",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0080"
},
{
"name": "https://www.ironkey.com/usb-flash-drive-flaw-exposed",
"refsource": "MISC",
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0223",
"datePublished": "2010-01-07T19:00:00",
"dateReserved": "2010-01-07T00:00:00",
"dateUpdated": "2024-08-07T00:45:11.056Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0222 (GCVE-0-2010-0222)
Vulnerability from nvd – Published: 2010-01-07 19:00 – Updated: 2024-08-07 00:45
VLAI?
Summary
Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:10.665Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.kingston.com/driveupdate/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews%5Btt_news%5D=528\u0026cHash=8d16fa63d9"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://it.slashdot.org/story/10/01/05/1734242/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://news.zdnet.co.uk/security/0%2C1000000189%2C39963327%2C00.htm"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.zdnet.com/hardware/?p=6655"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf"
},
{
"name": "ADV-2010-0080",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0080"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-01-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-03-26T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.kingston.com/driveupdate/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews%5Btt_news%5D=528\u0026cHash=8d16fa63d9"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://it.slashdot.org/story/10/01/05/1734242/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://news.zdnet.co.uk/security/0%2C1000000189%2C39963327%2C00.htm"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.zdnet.com/hardware/?p=6655"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf"
},
{
"name": "ADV-2010-0080",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0080"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0222",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.kingston.com/driveupdate/",
"refsource": "MISC",
"url": "http://www.kingston.com/driveupdate/"
},
{
"name": "http://www.syss.de/index.php?id=108\u0026tx_ttnews[tt_news]=528\u0026cHash=8d16fa63d9",
"refsource": "MISC",
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews[tt_news]=528\u0026cHash=8d16fa63d9"
},
{
"name": "http://it.slashdot.org/story/10/01/05/1734242/",
"refsource": "MISC",
"url": "http://it.slashdot.org/story/10/01/05/1734242/"
},
{
"name": "http://news.zdnet.co.uk/security/0,1000000189,39963327,00.htm",
"refsource": "MISC",
"url": "http://news.zdnet.co.uk/security/0,1000000189,39963327,00.htm"
},
{
"name": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html",
"refsource": "MISC",
"url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"
},
{
"name": "http://blogs.zdnet.com/hardware/?p=6655",
"refsource": "MISC",
"url": "http://blogs.zdnet.com/hardware/?p=6655"
},
{
"name": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf",
"refsource": "MISC",
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf"
},
{
"name": "ADV-2010-0080",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0080"
},
{
"name": "https://www.ironkey.com/usb-flash-drive-flaw-exposed",
"refsource": "MISC",
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0222",
"datePublished": "2010-01-07T19:00:00",
"dateReserved": "2010-01-07T00:00:00",
"dateUpdated": "2024-08-07T00:45:10.665Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0221 (GCVE-0-2010-0221)
Vulnerability from nvd – Published: 2010-01-07 19:00 – Updated: 2024-08-07 00:45
VLAI?
Summary
Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives validate passwords with a program running on the host computer rather than the device hardware, which allows physically proximate attackers to access the cleartext drive contents via a modified program.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:10.630Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.kingston.com/driveupdate/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews%5Btt_news%5D=528\u0026cHash=8d16fa63d9"
},
{
"name": "1023410",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023410"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://it.slashdot.org/story/10/01/05/1734242/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://news.zdnet.co.uk/security/0%2C1000000189%2C39963327%2C00.htm"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.zdnet.com/hardware/?p=6655"
},
{
"name": "kingston-access-control-sec-bypass(55477)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55477"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf"
},
{
"name": "ADV-2010-0080",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0080"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-01-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives validate passwords with a program running on the host computer rather than the device hardware, which allows physically proximate attackers to access the cleartext drive contents via a modified program."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.kingston.com/driveupdate/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews%5Btt_news%5D=528\u0026cHash=8d16fa63d9"
},
{
"name": "1023410",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1023410"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://it.slashdot.org/story/10/01/05/1734242/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://news.zdnet.co.uk/security/0%2C1000000189%2C39963327%2C00.htm"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.zdnet.com/hardware/?p=6655"
},
{
"name": "kingston-access-control-sec-bypass(55477)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55477"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf"
},
{
"name": "ADV-2010-0080",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0080"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0221",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives validate passwords with a program running on the host computer rather than the device hardware, which allows physically proximate attackers to access the cleartext drive contents via a modified program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.kingston.com/driveupdate/",
"refsource": "MISC",
"url": "http://www.kingston.com/driveupdate/"
},
{
"name": "http://www.syss.de/index.php?id=108\u0026tx_ttnews[tt_news]=528\u0026cHash=8d16fa63d9",
"refsource": "MISC",
"url": "http://www.syss.de/index.php?id=108\u0026tx_ttnews[tt_news]=528\u0026cHash=8d16fa63d9"
},
{
"name": "1023410",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023410"
},
{
"name": "http://it.slashdot.org/story/10/01/05/1734242/",
"refsource": "MISC",
"url": "http://it.slashdot.org/story/10/01/05/1734242/"
},
{
"name": "http://news.zdnet.co.uk/security/0,1000000189,39963327,00.htm",
"refsource": "MISC",
"url": "http://news.zdnet.co.uk/security/0,1000000189,39963327,00.htm"
},
{
"name": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html",
"refsource": "MISC",
"url": "http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html"
},
{
"name": "http://blogs.zdnet.com/hardware/?p=6655",
"refsource": "MISC",
"url": "http://blogs.zdnet.com/hardware/?p=6655"
},
{
"name": "kingston-access-control-sec-bypass(55477)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55477"
},
{
"name": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf",
"refsource": "MISC",
"url": "http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf"
},
{
"name": "ADV-2010-0080",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0080"
},
{
"name": "https://www.ironkey.com/usb-flash-drive-flaw-exposed",
"refsource": "MISC",
"url": "https://www.ironkey.com/usb-flash-drive-flaw-exposed"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0221",
"datePublished": "2010-01-07T19:00:00",
"dateReserved": "2010-01-07T00:00:00",
"dateUpdated": "2024-08-07T00:45:10.630Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}