Lucene search
HistoryMay 31, 2011 - 8:55 p.m.
CVE-2011-0766
cve-2011-0766
crypto application
ssh
erlang/otp
predictable seeds
remote attackers
6.3 Medium
AI Score
Confidence
Low
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
0.002 Low
EPSS
Percentile
64.4%
The random number generator in the Crypto application before 2.0.2.2, and SSH before 2.0.5, as used in the Erlang/OTP ssh library before R14B03, uses predictable seeds based on the current time, which makes it easier for remote attackers to guess DSA host and SSH session keys.
Related
seebug
seebug
Erlang/OTP SSHεΊιζΊζ°ηζζΌζ΄
2011-05-26 00:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: erlang-R14B-03.1.fc14
2011-07-31 03:38:49
[SECURITY] Fedora 15 Update: erlang-R14B-03.2.fc15
2011-07-31 04:01:38
ubuntucve
ubuntucve
CVE-2011-0766
2011-05-31 00:00:00
nessus
nessus
FreeBSD : Erlang -- ssh library uses a weak random number generator (e4833927-86e5-11e0-a6b4-000a5e1e33c6)
2011-05-26 00:00:00
Fedora 15 : erlang-R14B-03.2.fc15 (2011-9598)
2011-08-01 00:00:00
Fedora 14 : erlang-R14B-03.1.fc14 (2011-9657)
2011-08-01 00:00:00
openvas
openvas
FreeBSD Ports: erlang
2011-08-03 00:00:00
Fedora Update for erlang FEDORA-2011-9657
2011-08-02 00:00:00
Fedora Update for erlang FEDORA-2011-9598
2011-08-02 00:00:00
debiancve
debiancve
CVE-2011-0766
2011-05-31 20:55:00
freebsd
freebsd
Erlang -- ssh library uses a weak random number generator
2011-05-25 00:00:00
cert
cert
Erlang/OTP SSH library uses a weak random number generator
2011-05-25 00:00:00
prion
prion
Code injection
2011-05-31 20:55:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1829
2021-07-02 16:39:36
6.3 Medium
AI Score
Confidence
Low
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
0.002 Low
EPSS
Percentile
64.4%
Related for CVE-2011-0766