Lucene search
Ubuntu.comUB:CVE-2009-5057HistoryMar 18, 2011 - 12:00 a.m.
CVE-2009-5057
2011-03-1800:00:00
ubuntu.com
ubuntu.com
13
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
0.002
Percentile
61.0%
The S/MIME feature in Open Ticket Request System (OTRS) before 2.3.4 does
not configure the RANDFILE and HOME environment variables for OpenSSL,
which might make it easier for remote attackers to decrypt e-mail messages
that had lower than intended entropy available for cryptographic
operations, related to inability to write to the seeding file.
Related
prion
prion
Design/Logic Flaw
2011-03-18 16:55:00
cvelist
cvelist
CVE-2009-5057
2011-03-18 16:00:00
nvd
nvd
CVE-2009-5057
2011-03-18 16:55:01
debiancve
debiancve
CVE-2009-5057
2011-03-18 16:55:01
cve
cve
CVE-2009-5057
2011-03-18 16:55:01
openvas
openvas
OTRS < 2.3.4 RANDFILE Cryptographic Entropy Weakness Vulnerability
2013-09-21 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
0.002
Percentile
61.0%
Related for UB:CVE-2009-5057