Debian Security Advisory DSA 1571-1 (openssl)

The remote host is missing an update to openssl announced via advisory DSA 1571-1. OpenVAS Vulnerability Test $Id: deb15711.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1571-1 openssl Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

CVE-2008-0166

OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote attackers to conduct brute force guessing attacks against cryptographic keys...

Debian DSA-1571-1 : openssl - predictable random number generator

Luciano Bello discovered that the random number generator in Debian's openssl package is predictable. This is caused by an incorrect Debian-specific change to the openssl package CVE-2008-0166 . As a result, cryptographic key material may be guessable. This is a Debian-specific vulnerability whic...

DSA-1571-1 openssl - predictable random number generator

Bulletin has no description...

Design/Logic Flaw

The password reset feature in PunBB 1.2.16 and earlier uses predictable random numbers based on the system time, which allows remote authenticated users to determine the new password via a brute force attack on a seed that is based on the approximate creation time of the targeted account. NOTE:...

CVE-2008-1484

PunBB 1.2.16 and earlier has a vulnerability in the password reset mechanism where the seed for the reset token is derived from the system time, enabling remote authenticated users to brute-force and determine a new password. The issue affects PunBB’s password reset function and can be exploited ...

CVE-2008-1484

The password reset feature in PunBB 1.2.16 and earlier uses predictable random numbers based on the system time, which allows remote authenticated users to determine the new password via a brute force attack on a seed that is based on the approximate creation time of the targeted account. NOTE:...

SOL8331 - OpenSSL FIPS Object Module 1.1 vulnerability - CVE-2007-5502

The PRNG implementation for the OpenSSL FIPS Object Module 1.1.1 does not perform auto-seeding during the FIPS self-test, which generates random data that is more predictable than expected and makes it easier for attackers to bypass protection mechanisms that rely on the randomness. Information...

CVE-2003-0900

Perl 5.8.1 on Fedora Core does not properly initialize the random number generator when forking, which makes it easier for attackers to predict random numbers...