Lucene search
Gentoo FoundationMGASA-2013-0289HistorySep 25, 2013 - 1:40 a.m.
Updated perl-Crypt-DSA package fixes security vulnerability
2013-09-2501:40:52
Gentoo Foundation
advisories.mageia.org
7
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.004 Low
EPSS
Percentile
73.9%
The Crypt::DSA (aka Crypt-DSA) module 1.17 and earlier for Perl, when /dev/random is absent, uses the Data::Random module, which makes it easier for remote attackers to spoof a signature, or determine the signing key of a signed message, via a brute-force attack (CVE-2011-3599). This update removes the fallback to Data::Random.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 2 | noarch | perl-crypt-dsa | < 1.170.0-1.1 | perl-Crypt-DSA-1.170.0-1.1.mga2 |
| Mageia | 3 | noarch | perl-crypt-dsa | < 1.170.0-2.1 | perl-Crypt-DSA-1.170.0-2.1.mga3 |
Related
nessus
nessus
Fedora 18 : perl-Crypt-DSA-1.17-10.fc18 (2013-15755)
2013-09-13 00:00:00
Mandriva Linux Security Advisory : perl-Crypt-DSA (MDVSA-2013:241)
2013-09-26 00:00:00
Fedora 19 : perl-Crypt-DSA-1.17-10.fc19 (2013-15786)
2013-09-13 00:00:00
ubuntucve
ubuntucve
CVE-2011-3599
2011-10-10 00:00:00
securityvulns
securityvulns
perl Crypt::DSA weak PRNG generator
2013-10-02 00:00:00
[ MDVSA-2013:241 ] perl-Crypt-DSA
2013-10-02 00:00:00
openvas
openvas
Fedora Update for perl-Crypt-DSA FEDORA-2013-15755
2013-09-18 00:00:00
Mageia: Security Advisory (MGASA-2013-0289)
2022-01-28 00:00:00
Fedora Update for perl-Crypt-DSA FEDORA-2013-15786
2013-09-18 00:00:00
debiancve
debiancve
CVE-2011-3599
2011-10-10 10:55:00
fedora
fedora
[SECURITY] Fedora 18 Update: perl-Crypt-DSA-1.17-10.fc18
2013-09-13 01:11:37
[SECURITY] Fedora 19 Update: perl-Crypt-DSA-1.17-10.fc19
2013-09-13 01:10:36
cve
cve
CVE-2011-3599
2011-10-10 10:55:00
prion
prion
Design/Logic Flaw
2011-10-10 10:55:00
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.004 Low
EPSS
Percentile
73.9%
Related for MGASA-2013-0289