Code injection

The TLS implementation in EMC RSA BSAFE-C Toolkits aka Share for C and C++ sends a long series of random bytes during use of the DualECDRBG algorithm, which makes it easier for remote attackers to obtain plaintext from TLS sessions by recovering the algorithm's inner state, a different issue than...

Default configuration

The default configuration of EMC RSA BSAFE Toolkits and RSA Data Protection Manager DPM 20130918 uses the Dual Elliptic Curve Deterministic Random Bit Generation DualECDRBG algorithm, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by leveraging...

CVE-2007-6755

The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation DualECDRBG algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection...

CVE-2007-6755

CVE-2007-6755 is the Dual_EC_DRBG-related vulnerability referenced in the initial description. The connected documents provide a concrete technical detail: in a Debian vulnerability listing, CVE-2007-6755 is associated with libuuid1 (libuuid1-2.36.1-8+deb11u1.amd64