Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2011-0766
HistoryOct 03, 2022 - 4:15 p.m.

CVE-2011-0766

2022-10-0316:15:19
CWE-310
[email protected]
web.nvd.nist.gov
77
cve-2011-0766
crypto application
ssh
erlang/otp
predictable seeds
remote attackers

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

6.4 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

61.3%

JSON

The random number generator in the Crypto application before 2.0.2.2, and SSH before 2.0.5, as used in the Erlang/OTP ssh library before R14B03, uses predictable seeds based on the current time, which makes it easier for remote attackers to guess DSA host and SSH session keys.

Affected configurations

NVD
Node
erlangcryptoRange≀2.0.2.1
OR
erlangerlang\/otpMatchr11b-5
OR
erlangerlang\/otpMatchr12b-5
OR
erlangerlang\/otpMatchr13b
OR
erlangerlang\/otpMatchr13b02-1
OR
erlangerlang\/otpMatchr13b03
OR
erlangerlang\/otpMatchr13b04
OR
erlangerlang\/otpMatchr14a
OR
erlangerlang\/otpMatchr14b
OR
erlangerlang\/otpMatchr14b01
OR
erlangerlang\/otpMatchr14b02
OR
sshsshRange≀2.0.4

Related

nessus 3
debiancve 1
openvas 6
fedora 2
seebug 1
ubuntucve 1
nvd 1
cert 1
cvelist 1
freebsd 1
prion 1
rosalinux 1
nessus
nessus
FreeBSD : Erlang -- ssh library uses a weak random number generator (e4833927-86e5-11e0-a6b4-000a5e1e33c6)
2011-05-26 00:00:00
Fedora 15 : erlang-R14B-03.2.fc15 (2011-9598)
2011-08-01 00:00:00
Fedora 14 : erlang-R14B-03.1.fc14 (2011-9657)
2011-08-01 00:00:00
debiancve
debiancve
CVE-2011-0766
2022-10-03 16:15:19
openvas
openvas
FreeBSD Ports: erlang
2011-08-03 00:00:00
Fedora Update for erlang FEDORA-2011-9598
2011-08-02 00:00:00
Fedora Update for erlang FEDORA-2011-9657
2011-08-02 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: erlang-R14B-03.2.fc15
2011-07-31 04:01:38
[SECURITY] Fedora 14 Update: erlang-R14B-03.1.fc14
2011-07-31 03:38:49
seebug
seebug
Erlang/OTP SSHεΊ“ιšζœΊζ•°η”ŸζˆζΌζ΄ž
2011-05-26 00:00:00
ubuntucve
ubuntucve
CVE-2011-0766
2011-05-31 00:00:00
nvd
nvd
CVE-2011-0766
2011-05-31 20:55:01
cert
cert
Erlang/OTP SSH library uses a weak random number generator
2011-05-25 00:00:00
cvelist
cvelist
CVE-2011-0766
2022-10-03 16:15:19
freebsd
freebsd
Erlang -- ssh library uses a weak random number generator
2011-05-25 00:00:00
prion
prion
Code injection
2011-05-31 20:55:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1829
2021-07-02 16:39:36

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

6.4 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

61.3%

JSON
Related for CVE-2011-0766
nessus3debiancve1openvas6fedora2seebug1ubuntucve1nvd1cert1cvelist1freebsd1prion1rosalinux1