CVE-2000-0445

The pgpk command in PGP 5.x on Unix systems uses an insufficiently random data source for non-interactive key pair generation, which may produce predictable keys...

Проблемы с libdes в NetBSD

Если отсутствует или не функционирует /dev/urandom, используется предсказуемая последовательность при генерации ключей...

Security Advisory 2000-007

-----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 2000-007 ================================= Topic: bad key generation in libdes if no /dev/urandom Version: Domestic US NetBSD-current between 19990624 and 20000622. No formal releases of NetBSD are vulnerable. Severity: high only if...

Проблема генерации ключей в PGP 5.0

При определенных условиях в Unix-версиях используется фиксированная последовательность вместо случайной при генерации ключа...

Key Generation Security Flaw in PGP 5.0

SECURITY FLAW IN PGP 5.0 ======================== EXECUTIVE SUMMARY ----------------- A flaw has been found in the randomness gathering code of PGP 5. PGP 5 will, under certain well-defined circumstances, generate public/private key pairs with no or only a small amount of randomness. Such keys ar...

alibaba.2.0.genkey.txt

Date: Fri, 21 May 1999 14:39:00 GMT From: [email protected] Chris Cowley Subject: Vulnerability in Windows SSL server and common browsers Some time ago, I downloaded a trial version of an SSL web server product for Windows NT called 'Alibaba 2.0' for evaluation as a possible SSL solution. I...

CVE-1999-0143

Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys...