Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-0299HistoryJan 16, 2008 - 11:00 p.m.
CVE-2008-0299
2008-01-1623:00:00
Debian Security Bug Tracker
security-tracker.debian.org
9
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
EPSS
0.007
Percentile
80.2%
common.py in Paramiko 1.7.1 and earlier, when using threads or forked processes, does not properly use RandomPool, which allows one session to obtain sensitive information from another session by predicting the state of the pool.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | paramiko | < 1.6.4-1.1 | paramiko_1.6.4-1.1_all.deb |
| Debian | 11 | all | paramiko | < 1.6.4-1.1 | paramiko_1.6.4-1.1_all.deb |
| Debian | 999 | all | paramiko | < 1.6.4-1.1 | paramiko_1.6.4-1.1_all.deb |
| Debian | 13 | all | paramiko | < 1.6.4-1.1 | paramiko_1.6.4-1.1_all.deb |
Related
github
github
Paramiko Unsafe randomness usage may allow access to sensitive information
2022-05-01 23:28:57
securityvulns
securityvulns
[ GLSA 200803-07 ] Paramiko: Information disclosure
2008-03-04 00:00:00
Paramiko SSH server weak encryption
2008-03-04 00:00:00
nvd
nvd
CVE-2008-0299
2008-01-16 23:00:00
openvas
openvas
Fedora Update for python-paramiko FEDORA-2008-0644
2009-02-17 00:00:00
Fedora Update for python-paramiko FEDORA-2008-0644
2009-02-17 00:00:00
Fedora Update for python-paramiko FEDORA-2008-0722
2009-02-17 00:00:00
cvelist
cvelist
CVE-2008-0299
2008-01-16 22:00:00
cve
cve
CVE-2008-0299
2008-01-16 23:00:00
osv
osv
PYSEC-2008-8
2008-01-16 23:00:00
Paramiko Unsafe randomness usage may allow access to sensitive information
2022-05-01 23:28:57
gentoo
gentoo
Paramiko: Information disclosure
2008-03-03 00:00:00
nessus
nessus
Fedora 8 : python-paramiko-1.7.1-3.fc8 (2008-0644)
2008-01-16 00:00:00
GLSA-200803-07 : Paramiko: Information disclosure
2008-03-07 00:00:00
Fedora 7 : python-paramiko-1.7.1-3.fc7 (2008-0722)
2008-01-16 00:00:00
ubuntucve
ubuntucve
CVE-2008-0299
2008-01-16 00:00:00
prion
prion
Session fixation
2008-01-16 23:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
EPSS
0.007
Percentile
80.2%
Related for DEBIANCVE:CVE-2008-0299