CVE-2008-5659

2008-12-17T15:30:01
ID CVE-2008-5659
Type cve
Reporter NVD
Modified 2017-08-07T21:33:27

Description

The gnu.java.security.util.PRNG class in GNU Classpath 0.97.2 and earlier uses a predictable seed based on the system time, which makes it easier for context-dependent attackers to conduct brute force attacks against cryptographic routines that use this class for randomness, as demonstrated against DSA private keys.