Lucene search
PRIOn knowledge basePRION:CVE-2008-7278HistoryMar 18, 2011 - 4:55 p.m.
Design/Logic Flaw
2011-03-1816:55:00
PRIOn knowledge base
www.prio-n.com
2
The S/MIME feature in Open Ticket Request System (OTRS) before 2.2.5, and 2.3.x before 2.3.0-beta1, does not properly configure the RANDFILE environment variable for OpenSSL, which might make it easier for remote attackers to decrypt e-mail messages that had lower than intended entropy available for cryptographic operations, related to inability to write to the seeding file.
| CPE | Name | Operator | Version |
|---|---|---|---|
| otrs | eq | 2.0.0 beta4 | |
| otrs | eq | 2.0.0 beta2 | |
| otrs | eq | 2.1.3 | |
| otrs | eq | 1.0.2 | |
| otrs | eq | 2.1.8 | |
| otrs | eq | 1.1.1 | |
| otrs | eq | 0.5 beta1 | |
| otrs | eq | 1.2.0 beta2 | |
| otrs | eq | 1.2.0 beta3 | |
| otrs | eq | 1.3.1 |
Related
nvd
nvd
CVE-2008-7278
2011-03-18 16:55:01
openvas
openvas
OTRS < 2.2.5 S/MIME OpenSSL Cryptographic Entropy Weakness
2013-09-20 00:00:00
debiancve
debiancve
CVE-2008-7278
2022-10-03 16:13:53
cvelist
cvelist
CVE-2008-7278
2022-10-03 16:13:53
cve
cve
CVE-2008-7278
2022-10-03 16:13:53
ubuntucve
ubuntucve
CVE-2008-7278
2011-03-18 00:00:00