Computer Security
[EN] securityvulns.ru no-pyccku


pwgen weak passwords generation
Published:13.01.2015
Source:
SecurityVulns ID:14202
Type:library
Threat Level:
5/10
Description:Weak passwords generation, weak PRNG usage.
Affected:PWGEN : pwgen 2.06
CVE:CVE-2013-4442 (Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated numbers when /dev/urandom is unavailable, which makes it easier for context-dependent attackers to guess the numbers.)
 CVE-2013-4440 (Password Generator (aka Pwgen) before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.)
Original documentdocumentMANDRIVA, [ MDVSA-2015:008 ] pwgen (13.01.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod