Vulnerabilities > CVE-2011-2683 - 7PK - Security Features vulnerability in Reseed Project Reseed
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
reseed seeds random numbers from an insecure HTTP request to random.org during installation, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a man-in-the-middle attack.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Common Weakness Enumeration (CWE)
References
- http://www.openwall.com/lists/oss-security/2011/07/06/8
- http://www.openwall.com/lists/oss-security/2014/02/08/5
- https://bugs.launchpad.net/ubuntu/+source/reseed/+bug/804594
- http://www.openwall.com/lists/oss-security/2011/07/06/8
- https://bugs.launchpad.net/ubuntu/+source/reseed/+bug/804594
- http://www.openwall.com/lists/oss-security/2014/02/08/5