BSI warnt vor KeePassXC-Schwachstellen / BSI warns of vulnerabilities in the password manager KeePassXC (www.heise.de)

submitted 1 year ago by 73kk13@discuss.tchncs.de to c/foss@beehaw.org

22 comments fedilink hide all child comments

heisec@social.heise.de - BSI warnt vor KeePassXC-Schwachstellen

Das BSI warnt vor Schwachstellen im Passwort-Manager KeePassXC. Angreifer können Dateien oder das Master-Passwort ohne Authentifzierungsrückfrage manipulieren.

[The BSI warns of vulnerabilities in the password manager KeePassXC. Attackers can manipulate files or the master password without authentication confirmation.]

you are viewing a single comment's thread
view the rest of the comments

[-] Eufalconimorph@beehaw.org 5 points 1 year ago

No, requiring the existing master password won't help. A drive by miscreant with access to an unlocked computer with an unlocked DB can delete all the DB entries. If the DB is locked they can just delete the DB file. KeePassXC can't defend against this, that takes properly functioning versioned backups.

[-] blackstrat@lemmy.fwgx.uk 1 points 1 year ago

yeah, maybe denial of service isn't it. I replied to a comment above why I think it should still be protected functionality to help prevent data leak.

this post was submitted on 20 Jun 2023

14 points (100.0% liked)

Free and Open Source Software

17515 readers

12 users here now

If it's free and open source and it's also software, it can be discussed here. Subcommunity of Technology.

This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago

MODERATORS

Gaywallet@beehaw.org

alyaza@beehaw.org