NTP.org 'ntpd' Predictable Random Number Generator Weakness Brute Force Attack Vulnerability Description The host is running NTP.org's reference implementation of NTP server, ntpd and is prone to a brute force vulnerability. CVE No. CVE-2014-9294 分析结果 误报,EulerOS已在ntp-4.2.6p5-19版本...
For a list of random number generators that are cryptographically weak, see Vulnerable pseudo-random number generator. Examples expand all Predictable Cipher Key Result Information Group: Cryptography Language: C | C++ Default: Off Command-Line Syntax: CRYPTO_CIPHER_PREDICTABLE_KEY Impact: Medium ...
The paper describes a weakness in the pseudo random number generator (PRNG) in use by OpenBSD, Mac OS X, Mac OS X Server, Darwin, NetBSD, FreeBSD and DragonFlyBSD to produce random DNS transaction IDs (OpenBSD) and random IP fragmentation IDs (OpenBSD, Mac OS X, Mac OS X Server, ...
It is known that Debian Linux (CVE-2008-0166) pseudorandom generator based on OpenSSL 0.9.8c-1 is flawed and the output sequences are predictable. ... Y Wang,T Nicol - European Symposium on Research in Computer Security 被引量: 3发表: 2014年 ICAS5203B Evaluate and select a web hosting...
The checker detects this issue with the following random number generator functions: C Standard Library functions such assrand,srandomandinitstate C++ Standard Library functions such asstd::linear_congruential_engine<>::seed()andstd::mersenne_twister_engine<>::seed()(and also the constructors of th...
MITRE, CWE-337 - Predictable Seed in Pseudo-Random Number Generator (PRNG) OWASP Top 10 2017 Category A6 - Security Misconfiguration CERT, MSC63J. - Ensure that SecureRandom is properly seeded Recommendation Change this seed value to something unpredictable, or remove the seed. Code Link : https...
NTP.org 'ntpd' Predictable Random Number Generator Weakness Brute Force Attack Vulnerability Description The host is running NTP.org's reference implementation of NTP server, ntpd and is prone to a brute force vulnerability. CVE No. CVE-2014-9294 分析结果 误报,EulerOS已在ntp-4.2.6p5-19版本...
If you use a weak random number generator for the encryption or decryption key, an attacker can retrieve your key easily. You use a key to encrypt and later decrypt your data. If a key is easily retrieved, data encrypted using that key is not secure. Fix Use a strong pseudo-random nu...
The Mersenne Twister is a strong pseudorandom number generator (PRNG). A sequence's period defines how long it continues before repeating itself. Sequences with too short of a period can be observed, recorded, and reused by an attacker. Sequences with long periods force the adversary to ...
Debian: New Openssl Packages Fix Predictable Random Number Generatorlists.debian.org