Lucene search
HistoryJun 12, 2000 - 4:00 a.m.
CVE-2000-0535
cve-2000-0535
openssl 0.9.4
openssh
freebsd alpha
/dev/random
weak keys
nvd
6.6 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
71.3%
OpenSSL 0.9.4 and OpenSSH for FreeBSD do not properly check for the existence of the /dev/random or /dev/urandom devices, which are absent on FreeBSD Alpha systems, which causes them to produce weak keys which may be more easily broken.
| CPE | Name | Operator | Version |
|---|---|---|---|
| openssl:openssl | openssl | eq | 0.9.4 |
| freebsd:freebsd | freebsd | eq | 5.0 |
| freebsd:freebsd | freebsd | eq | 4.0 |
Related
openvas
openvas
OpenSSL <= 0.9.4 Weak Key Vulnerability
2020-11-09 00:00:00
nessus
nessus
OpenSSL < 0.9.5a /dev/random Check Failure
2011-11-18 00:00:00
OpenSSH < 2.1.0 /dev/random Check Failure
2011-11-18 00:00:00
OpenSSL < 0.9.6e / 0.9.7b3 Multiple Remote Vulnerabilities
2002-08-05 00:00:00
6.6 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
71.3%
Related for CVE-2000-0535