Computer Security
[EN] securityvulns.ru no-pyccku


FreeBSD pseudo-random numbers generator weakness
Published:30.11.2007
Source:
SecurityVulns ID:8396
Type:library
Threat Level:
6/10
Description:SAme PRNG sequence may be reproduced twice under some conditions.
Affected:FREEBSD : FreeBSD 7.0
 FREEBSD : FreeBSD 6.1
 FREEBSD : FreeBSD 5.5
 FREEBSD : FreeBSD 6.2
 FREEBSD : FreeBSD 6.3
CVE:CVE-2007-6150 (The "internal state tracking" code for the random and urandom devices in FreeBSD 5.5, 6.1 through 6.3, and 7.0 beta 4 allows local users to obtain portions of previously-accessed random values, which could be leveraged to bypass protection mechanisms that rely on secrecy of those values.)
Original documentdocumentFREEBSD, FreeBSD Security Advisory FreeBSD-SA-07:09.random (30.11.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod