Paramiko SSH server weak encryption
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
Paramiko SSH server weak encryption
Published:
04.03.2008
Source:
BUGTRAQ
SecurityVulns ID:
8747
Type:
remote
Level:
5
/10
Description:
Weak PRNG generator is used for encryption.
Affected:
PARAMIKO
:
paramiko 1.7
CVE:
CVE-2008-0299
(common.py in Paramiko 1.7.1 and earlier, when using threads or forked processes, does not properly use RandomPool, which allows one session to obtain sensitive information from another session by predicting the state of the pool.)
Original document
GENTOO
,
[ GLSA 200803-07 ] Paramiko: Information disclosure
(
04.03.2008
)
Discuss:
Read or add your comments to this news (0 comments)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
