CVE-2001-1007

Name of the Vulnerable Software and Affected Versions Starfish Truesync Desktop version 2.0b

Description The issue allows attackers to quickly guess the device key via a brute force attack due to the small keyspace used for device keys and the lack of a delay when an incorrect key is entered.

Recommendations For version 2.0b, consider implementing a delay after a specified number of incorrect key entries to slow down brute force attacks, and increase the keyspace for device keys to make guessing more difficult. At the moment, there is no information about a newer version that contains a fix for this vulnerability.