16 matches found
Exploit for Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Openssl
🔐 SSH Exploit Tool Educational Use Only 📌 Description Th...
EUVD-2008-2282
Malware in sbrugna...
CVE-2008-3280
Technical details for CVE-2008-3280 are not provided in the supplied documents. Related issues (CVE-2008-0166, CVE-2008-1447) are mentioned, but this CVE’s specifics are not disclosed here.
Ubuntu: Security Advisories for openssl (USN-612-1 - USN-612-11)
The remote host is probably affected by the vulnerabilities described in USN-612-1, USN-612-2, USN-612-3, USN-612-4: OpenSSL vulnerability. This VT has been deprecated by dedicated LSCs covering each USN separately. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpt...
Debian: Security Advisory (DSA-1576-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-1571-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2008-2285
The ssh-vulnkey tool on Ubuntu Linux 7.04, 7.10, and 8.04 LTS does not recognize authorizedkeys lines that contain options, which makes it easier for remote attackers to exploit CVE-2008-0166 by guessing a key that was not identified by this tool...
CVE-2008-2285
The ssh-vulnkey tool on Ubuntu Linux 7.04, 7.10, and 8.04 LTS does not recognize authorizedkeys lines that contain options, which makes it easier for remote attackers to exploit CVE-2008-0166 by guessing a key that was not identified by this tool...
Authentication flaw
The ssh-vulnkey tool on Ubuntu Linux 7.04, 7.10, and 8.04 LTS does not recognize authorizedkeys lines that contain options, which makes it easier for remote attackers to exploit CVE-2008-0166 by guessing a key that was not identified by this tool...
CVE-2008-2285
CVE-2008-2285 stems from ssh-vulnkey failing to recognize authorized_keys lines containing options, enabling exploitation links to CVE-2008-0166 via weak OpenSSL PRNG. The underlying issue (CVE-2008-0166) is Debian/OpenSSL PRNG predictability caused by seeding with PID alone, drastically limiting...
CVE-2008-2285
The ssh-vulnkey tool on Ubuntu Linux 7.04, 7.10, and 8.04 LTS does not recognize authorizedkeys lines that contain options, which makes it easier for remote attackers to exploit CVE-2008-0166 by guessing a key that was not identified by this tool...
[SECURITY] [DSA 1576-2] New openssh packages fix predictable randomness
------------------------------------------------------------------------ Debian Security Advisory DSA-1576-2 [email protected] http://www.debian.org/security/ Noah Meyerhans May 16, 2008 http://www.debian.org/security/faq -...
CVE-2008-0166
creationtimestamp| type| source ---|---|--- 2008-05-15 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/5622 2008-05-16 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/5632 2008-06-01 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/5720 2021-05-22...
[USN-612-1] OpenSSL vulnerability
=========================================================== Ubuntu Security Notice USN-612-1 May 13, 2008 openssl vulnerability CVE-2008-0166 =========================================================== A weakness has been discovered in the random number generator used by OpenSSL on Debian and...
CVE-2008-0166
CVE-2008-0166 describes a Debian/Ubuntu OpenSSL PRNG flaw caused by removing seeding steps in md_rand.c, which left the OpenSSL PRNG predictable. Consequently, OpenSSH/OpenSSL keys generated on affected Debian-based systems (2006–2008) could be brute-forced or reproduced. Connected docs indicate ...
[SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
------------------------------------------------------------------------ Debian Security Advisory DSA-1571-1 [email protected] http://www.debian.org/security/ Florian Weimer May 13, 2008 http://www.debian.org/security/faq -...