CVE-2006-3419

Опубликовано: 07 июл. 2006

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Tor before 0.1.1.20 uses OpenSSL pseudo-random bytes (RAND_pseudo_bytes) instead of cryptographically strong RAND_bytes, and seeds the entropy value at start-up with 160-bit chunks without reseeding, which makes it easier for attackers to conduct brute force guessing attacks.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:tor:tor:0.0.2:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.2_pre13:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.2_pre14:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.2_pre15:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.2_pre16:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.2_pre17:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.2_pre18:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.2_pre19:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.2_pre20:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.2_pre21:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.2_pre22:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.2_pre23:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.2_pre24:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.2_pre25:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.2_pre26:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.2_pre27:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.3:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.4:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.5:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.6:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.6.1:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.6.2:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.7:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.7.1:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.7.2:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.7.3:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.8:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.8.1:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.9:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.9.1:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.9.2:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.9.3:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.9.4:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.9.5:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.9.6:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.9.7:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.9.8:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.9.9:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.9.10:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.2:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.3:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.4:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.5:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.6:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.7:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.8:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.9:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.10:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.11:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.12:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.13:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.14:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.15:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.16:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.17:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.18:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.19:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.1.1_alpha:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.1.2_alpha:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.1.3_alpha:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.1.4_alpha:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.1.5_alpha:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.1.6_alpha:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.1.7_alpha:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.1.8_alpha:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.1.9_alpha:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.1.10_alpha:*:*:*:*:*:*:*

EPSS

Процентиль: 55%

0.0033

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2006-3419

ubuntu

около 19 лет назад

CVE-2006-3419

debian

около 19 лет назад

Tor before 0.1.1.20 uses OpenSSL pseudo-random bytes (RAND_pseudo_byte ...

GHSA-rj3x-48ch-69xf

github

больше 3 лет назад

EPSS

Процентиль: 55%

0.0033

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other