EUVD-2020-20247

Malware in sbrugna...

SUSE CVE-2025-7394

In the OpenSSL compatibility layer implementation, the function RANDpoll was not behaving as expected and leading to the potential for predictable values returned from RANDbytes after fork is called. This can lead to weak or predictable random numbers generated in applications that are both using...

UBUNTU-CVE-2025-7394

In the OpenSSL compatibility layer implementation, the function RANDpoll was not behaving as expected and leading to the potential for predictable values returned from RANDbytes after fork is called. This can lead to weak or predictable random numbers generated in applications that are both using...

CVE-2025-7394

In the OpenSSL compatibility layer implementation, the function RANDpoll was not behaving as expected and leading to the potential for predictable values returned from RANDbytes after fork is called. This can lead to weak or predictable random numbers generated in applications that are both using...

CVE-2020-27743

libtac in pamtacplus through 1.5.1 lacks a check for a failure of RANDbytes/RANDpseudobytes. This could lead to use of a non-random/predictable sessionid...

NewStart CGSL MAIN 6.02 : libssh Multiple Vulnerabilities (NS-SA-2024-0052)

The remote NewStart CGSL host, running version MAIN 6.02, has libssh packages installed that are affected by multiple vulnerabilities: - The RANDbytes function in libssh before 0.6.3, when forking is enabled, does not properly reset the state of the OpenSSL pseudo-random number generator PRNG,...

CVE-2020-27743

libtac in pamtacplus through 1.5.1 lacks a check for a failure of RANDbytes/RANDpseudobytes. This could lead to use of a non-random/predictable sessionid...

Information disclosure

libtac in pamtacplus through 1.5.1 lacks a check for a failure of RANDbytes/RANDpseudobytes. This could lead to use of a non-random/predictable sessionid...

CVE-2020-27743

libtac in pamtacplus through 1.5.1 lacks a check for a failure of RANDbytes/RANDpseudobytes. This could lead to use of a non-random/predictable sessionid...

CVE-2020-27743

Removed by vendor...

CVE-2020-27743

libtac in pamtacplus through 1.5.1 lacks a check for a failure of RANDbytes/RANDpseudobytes. This could lead to use of a non-random/predictable sessionid...

CVE-2020-27743

The CVE-2020-27743 entry affects libtac in pam_tacplus up to version 1.5.1, where RAND_bytes()/RAND_pseudo_bytes() failures are not checked. This can allow a non-random/predictable session_id, enabling partial confidentiality/integrity risk as described in the CVE. Affected platforms include Phot...

CVE-2014-0017

The RANDbytes function in libssh before 0.6.3, when forking is enabled, does not properly reset the state of the OpenSSL pseudo-random number generator PRNG, which causes the state to be shared between children processes and allows local users to obtain sensitive information by leveraging a pid...

CVE-2014-0017

The RANDbytes function in libssh before 0.6.3, when forking is enabled, does not properly reset the state of the OpenSSL pseudo-random number generator PRNG, which causes the state to be shared between children processes and allows local users to obtain sensitive information by leveraging a pid...

CVE-2014-0017

The RANDbytes function in libssh before 0.6.3, when forking is enabled, does not properly reset the state of the OpenSSL pseudo-random number generator PRNG, which causes the state to be shared between children processes and allows local users to obtain sensitive information by leveraging a pid...

CVE-2014-0017

CVE-2014-0017 affects libssh prior to 0.6.3 where RAND_bytes state is not re-seeded after fork, causing PRNG state to be shared between child processes. This can lead to leakage of private keys for servers using ECC (ECDSA) or DSA certificates under certain conditions. The issue is resolved by up...

Updated libssh package fixes security vulnerability

When using libssh before 0.6.3, a libssh-based server, when accepting a new connection, forks and the child process handles the request. The RANDbytes function of openssl doesn't reset its state after the fork, but simply adds the current process id getpid to the PRNG state, which is not guarante...

CVE-2014-0017

The RANDbytes function in libssh before 0.6.3, when forking is enabled, does not properly reset the state of the OpenSSL pseudo-random number generator PRNG, which causes the state to be shared between children processes and allows local users to obtain sensitive information by leveraging a pid...

libssh -- PRNG state reuse on forking servers

Aris Adamantiadis reports: When accepting a new connection, the server forks and the child process handles the request. The RANDbytes function of openssl doesn't reset its state after the fork, but simply adds the current process id getpid to the PRNG state, which is not guaranteed to be unique...

CVE-2006-3419

CVE-2006-3419 affects Tor prior to 0.1.1.20. The issue stems from using OpenSSL RAND_pseudo_bytes instead of a cryptographically strong RAND_bytes, and seeding entropy at startup with 160-bit chunks without reseeding. This design makes brute-force guessing attacks more feasible for an attacker. M...