The ".encfs6.xml" configuration file in encfs prior to 1.7.5 allows remote malicious users to access sensitive data by setting "blockMACBytes" to 0 and adding 8 to "blockMACRandBytes".
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
opensuse leap 42.1 |
||
opensuse leap 42.2 |
||
opensuse opensuse 13.2 |
||
encfs project encfs |