6 matches found
CVE-2005-3087
The SecureW2 3.0 TLS implementation uses weak random number generators rand and srand from system time during generation of the pre-master secret PMS, which makes it easier for attackers to guess the secret and decrypt sensitive data...
CVE-2005-3087
The SecureW2 3.0 TLS implementation uses weak random number generators rand and srand from system time during generation of the pre-master secret PMS, which makes it easier for attackers to guess the secret and decrypt sensitive data...
CVE-2005-3087
The vulnerability concerns the SecureW2 3.0 TLS implementation, where the pre‑master secret (PMS) is generated using weak random number generators (rand/srand from system time). This weak RNG makes it easier for an attacker to guess the PMS and decrypt sensitive data, as described in the CVE reco...
CVE-2005-3087
The SecureW2 3.0 TLS implementation uses weak random number generators rand and srand from system time during generation of the pre-master secret PMS, which makes it easier for attackers to guess the secret and decrypt sensitive data...
[Full-disclosure] SecureW2 TLS security problem
Hi everyone! I was looking at the code for a TLS implementation, an open source implementation "SecureW2" by Alfa & Ariss, see: http://www.securew2.com/uk/index.htm I found that it uses weak random numbers when generating the pre-master-secret. The code is in "./Components/Common/release 3/versio...
SecureW2 weak encryption
Weak PRNG generation algorithm for TLS pre-master key...