Описание
Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses the same private DSA key for each installation, which allows remote attackers to conduct man-in-the-middle attacks and decrypt communications.
Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses the same private DSA key for each installation, which allows remote attackers to conduct man-in-the-middle attacks and decrypt communications.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-0231
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25973
- http://archives.neohapsis.com/archives/vulnwatch/2006-q2/0011.html
- http://secunia.com/advisories/19734
- http://securitytracker.com/id?1015974
- http://www.securityfocus.com/archive/1/431725/100/0/threaded
- http://www.securityfocus.com/archive/1/431734/100/0/threaded
- http://www.securityfocus.com/bid/17637
- http://www.symantec.com/avcenter/security/Content/2006.04.21.html
- http://www.vupen.com/english/advisories/2006/1464
EPSS
Процентиль: 71%
0.00689
Низкий
CVE ID
Связанные уязвимости
nvd
почти 20 лет назад
Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses the same private DSA key for each installation, which allows remote attackers to conduct man-in-the-middle attacks and decrypt communications.
EPSS
Процентиль: 71%
0.00689
Низкий