CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
EPSS
Percentile
48.8%
Dwayne Litzenberger reports:
In PyCrypto before v2.6.1, the Crypto.Random pseudo-random
number generator (PRNG) exhibits a race condition that may cause
it to generate the same ‘random’ output in multiple processes that
are forked from each other. Depending on the application, this
could reveal sensitive information or cryptographic keys to remote
attackers.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | py26-pycrypto | < 2.6.1 | UNKNOWN |
FreeBSD | any | noarch | py27-pycrypto | < 2.6.1 | UNKNOWN |
FreeBSD | any | noarch | py31-pycrypto | < 2.6.1 | UNKNOWN |
FreeBSD | any | noarch | py32-pycrypto | < 2.6.1 | UNKNOWN |
FreeBSD | any | noarch | py33-pycrypto | < 2.6.1 | UNKNOWN |