Design/Logic Flaw

2006-04-1916:06:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.9%

JSON

Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the presence of the pchb interface, which will cause it to always generate the same random number, which allows remote attackers to more easily crack encryption keys generated from the interface.

CPENameOperatorVersion
netbsdeq1.6
netbsdeq2.1
netbsdeq2.0.2
netbsdeq1.6.1
netbsdeq2.0.3
netbsdeq1.6.2
netbsdeq1.6 beta
netbsdeq2.0.1
netbsdeq3.0
netbsdeq2.0

Name	Operator	Version
netbsd	eq	1.6
netbsd	eq	2.1
netbsd	eq	2.0.2
netbsd	eq	1.6.1
netbsd	eq	2.0.3
netbsd	eq	1.6.2
netbsd	eq	1.6 beta
netbsd	eq	2.0.1
netbsd	eq	3.0
netbsd	eq	2.0

References

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-009.txt.asc

secunia.com/advisories/19585

securitytracker.com/id?1015907

www.osvdb.org/24577

www.securityfocus.com/bid/17496

exchange.xforce.ibmcloud.com/vulnerabilities/25786