4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
44.2%
Dwayne Litzenberger reports:
In PyCrypto before v2.6.1, the Crypto.Random pseudo-random
number generator (PRNG) exhibits a race condition that may cause
it to generate the same ‘random’ output in multiple processes that
are forked from each other. Depending on the application, this
could reveal sensitive information or cryptographic keys to remote
attackers.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | py26-pycrypto | < 2.6.1 | UNKNOWN |
FreeBSD | any | noarch | py27-pycrypto | < 2.6.1 | UNKNOWN |
FreeBSD | any | noarch | py31-pycrypto | < 2.6.1 | UNKNOWN |
FreeBSD | any | noarch | py32-pycrypto | < 2.6.1 | UNKNOWN |
FreeBSD | any | noarch | py33-pycrypto | < 2.6.1 | UNKNOWN |