Computer Security
[EN] no-pyccku

Paramiko SSH server weak encryption
SecurityVulns ID:8747
Threat Level:
Description:Weak PRNG generator is used for encryption.
Affected:PARAMIKO : paramiko 1.7
CVE:CVE-2008-0299 ( in Paramiko 1.7.1 and earlier, when using threads or forked processes, does not properly use RandomPool, which allows one session to obtain sensitive information from another session by predicting the state of the pool.)
Original documentdocumentGENTOO, [ GLSA 200803-07 ] Paramiko: Information disclosure (04.03.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod