CVE-2001-0435

Name of the Vulnerable Software and Affected Versions PGP version 7.0

Description The issue concerns the split key mechanism in PGP, which allows a key share holder to gain access to the entire key. This can be achieved by setting the Cache passphrase while logged on option and capturing the passphrases of other share holders as they authenticate.

Recommendations For PGP version 7.0, consider disabling the Cache passphrase while logged on option to prevent potential exploitation. Additionally, restrict access to the key sharing mechanism to minimize the risk of unauthorized access.