Unrated severityNVD Advisory· Published Aug 2, 2001· Updated Apr 16, 2026

CVE-2001-0597

Description

Zetetic Secure Tool for Recalling Important Passwords (STRIP) 0.5 and earlier for the PalmOS allows a local attacker to recover passwords via a brute force attack. This attack is made feasible by STRIP's use of SysRandom, which is seeded by TimeGetTicks, and an implementation flaw which vastly reduces the password 'search space'.

Affected products

Zetetic Enterprises/Strip3 versions
cpe:2.3:a:zetetic_enterprises:strip:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:zetetic_enterprises:strip:*:*:*:*:*:*:*:*range: <=0.5
- cpe:2.3:a:zetetic_enterprises:strip:0.3:*:*:*:*:*:*:*
- cpe:2.3:a:zetetic_enterprises:strip:0.4:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

archives.neohapsis.com/archives/bugtraq/2001-04/0169.htmlnvdExploitPatchVendor Advisory
www.securityfocus.com/bid/2567nvdExploitPatchVendor Advisory
exchange.xforce.ibmcloud.com/vulnerabilities/6362nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000