@Troy@beehaw.org to

Technology@beehaw.org • 11 months ago

Vulnerability in KeePass allows retrieval of master password, issue is not yet fixed

web.archive.org

20

Vulnerability in KeePass allows retrieval of master password, issue is not yet fixed

web.archive.org

@Troy@beehaw.org to

Technology@beehaw.org • 11 months ago

keepass-password-dumper/README.md at main · vdohney/keepass-password-dumper

web.archive.org

Contribute to vdohney/keepass-password-dumper development by creating an account on GitHub.

The vulnerability affects the KeePass 2.X branch for Windows, and possibly for Linux and macOS. It has been fixed in the test versions of KeePass v2.54 – the official release is expected by July 2023. It’s unfortunate that the PoC tool is already publicly available and the release of the new version so far off, but the risk of CVE-2023-32784 being abused in the wild is likely to be pretty low, according to the researcher.

Chat

𝕽𝖚𝖆𝖎𝖉𝖍𝖗𝖎𝖌𝖍
link
5•11 months ago
I read that! Props on the auditor for doing it gratis; it’s rare to see people pay back the benefit they get from OSS.

Technology@beehaw.org

!technology@beehaw.org

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !technology@beehaw.org

Rumors, happenings, and innovations in the technology sphere. If it’s technological news or discussion of technology, it probably belongs here.

Subcommunities on Beehaw:

This community’s icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

434 users / day
1.95K users / week
5.12K users / month
11.6K users / 6 months
37.1K subscribers
3.52K Posts
72.6K Comments
Modlog