Lucene search
HistoryNov 30, 2007 - 1:46 a.m.
CVE-2007-6150
freebsd
internal state tracking
vulnerability
random devices
urandom devices
cve-2007-6150
nvd
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.3
Confidence
Low
EPSS
0
Percentile
5.1%
The โinternal state trackingโ code for the random and urandom devices in FreeBSD 5.5, 6.1 through 6.3, and 7.0 beta 4 allows local users to obtain portions of previously-accessed random values, which could be leveraged to bypass protection mechanisms that rely on secrecy of those values.
Affected configurations
Node
freebsdfreebsdMatch5.5
ORfreebsdfreebsdMatch6.1
ORfreebsdfreebsdMatch6.2
ORfreebsdfreebsdMatch6.3
ORfreebsdfreebsdMatch7.0beta_4
Related
freebsd_advisory
freebsd_advisory
FreeBSD-SA-07:09.random
2007-11-29 00:00:00
securityvulns
securityvulns
FreeBSD Security Advisory FreeBSD-SA-07:09.random
2007-11-30 00:00:00
FreeBSD pseudo-random numbers generator weakness
2007-11-30 00:00:00
openvas
openvas
FreeBSD Security Advisory (FreeBSD-SA-07:09.random.asc)
2008-09-04 00:00:00
FreeBSD Security Advisory (FreeBSD-SA-07:09.random.asc)
2008-09-04 00:00:00
prion
prion
Design/Logic Flaw
2007-11-30 01:46:00
nvd
nvd
CVE-2007-6150
2007-11-30 01:46:00
cvelist
cvelist
CVE-2007-6150
2007-11-30 01:00:00
seebug
seebug
FreeBSDไธๅฎๅ
จ้ๆบๆฐ็ๆๅจไฟกๆฏๆณ้ฒๆผๆด
2007-12-03 00:00:00
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.3
Confidence
Low
EPSS
0
Percentile
5.1%
Related for CVE-2007-6150