Описание
The PRNG implementation for the OpenSSL FIPS Object Module 1.1.1 does not perform auto-seeding during the FIPS self-test, which generates random data that is more predictable than expected and makes it easier for attackers to bypass protection mechanisms that rely on the randomness.
The PRNG implementation for the OpenSSL FIPS Object Module 1.1.1 does not perform auto-seeding during the FIPS self-test, which generates random data that is more predictable than expected and makes it easier for attackers to bypass protection mechanisms that rely on the randomness.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-5502
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38796
- http://secunia.com/advisories/27859
- http://www.kb.cert.org/vuls/id/150249
- http://www.openssl.org/news/secadv_20071129.txt
- http://www.securityfocus.com/bid/26652
- http://www.securitytracker.com/id?1019029
- http://www.vupen.com/english/advisories/2007/4044
EPSS
CVE ID
Связанные уязвимости
The PRNG implementation for the OpenSSL FIPS Object Module 1.1.1 does not perform auto-seeding during the FIPS self-test, which generates random data that is more predictable than expected and makes it easier for attackers to bypass protection mechanisms that rely on the randomness.
The PRNG implementation for the OpenSSL FIPS Object Module 1.1.1 does not perform auto-seeding during the FIPS self-test, which generates random data that is more predictable than expected and makes it easier for attackers to bypass protection mechanisms that rely on the randomness.
The PRNG implementation for the OpenSSL FIPS Object Module 1.1.1 does not perform auto-seeding during the FIPS self-test, which generates random data that is more predictable than expected and makes it easier for attackers to bypass protection mechanisms that rely on the randomness.
EPSS