easy-rsa 加密问题漏洞

easy-rsa is a simple shell-based CA utility from the OpenVPN open source. A security vulnerability exists in easy-rsa versions 3.0.5 through 3.1.7, which stems from the fact that when creating a password-protected CA private key using the easyrsa build-ca command, Easy-RSA incorrectly uses the...

PT-2024-10335 · Openssl +2 · Openssl +2

Name of the Vulnerable Software and Affected Versions: Easy-RSA versions 3.0.5 through 3.1.7 Description: The issue is related to a weak encryption algorithm used in Easy-RSA, specifically the cipher:des-ede3-cbc algorithm, which allows a local attacker to more easily bruteforce the private CA ke...