4 matches found
OpenSSL < 0.9.6b Predictable Random Generator
According to its banner, the remote web server is running a version of OpenSSL that is earlier than 0.9.6b and allows remote attackers to predict the output of the pseudo-random generator. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid17745; scriptversion"1.11";...
Mandrake Linux Security Advisory : openssl (MDKSA-2001:065)
The pseudo-random number generator in OpenSSL versions up to 0.9.6a has a design flaw. By knowing the output of specific PRNG requests, an attacker would be able to determine the PRNG's internal state and thus predict future PRNG output. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
CVE-2001-1141
The Pseudo-Random Number Generator PRNG in SSLeay and OpenSSL before 0.9.6b allows attackers to use the output of small PRNG requests to determine the internal state information, which could be used by attackers to predict future pseudo-random numbers...
CVE-2001-1141
CVE-2001-1141: OpenSSL/SSLeay PRNG weakness before 0.9.6b allows attackers to use outputs from small PRNG requests to infer internal state, enabling future-prediction of random numbers. Affected versions include OpenSSL up to 0.9.6b; impact stated as potential exposure of cryptographic material. ...