2001-07-27 04:00:00
mitre
PUBLISHED
Zetetic Secure Tool for Recalling Important Passwords (STRIP) 0.5 and earlier for the PalmOS allows a local attacker to recover passwords via a brute force attack. This attack is made feasible by STRIPs use of SysRandom, which is seeded by TimeGetTicks, and an implementation flaw which vastly reduces the password search space.