The random number generator in the Crypto application before 2.0.2.2, and SSH before 2.0.5, as used in the Erlang/OTP ssh library before R14B03, uses predictable seeds based on the current time, which makes it easier for remote attackers to guess DSA host and SSH session keys.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
EUVD-2011-0778 | The random number generator in the Crypto application before 2.0.2.2, and SSH before 2.0.5, as used in the Erlang/OTP ssh library before R14B03, uses predictable seeds based on the current time, which makes it easier for remote attackers to guess DSA host and SSH session keys. |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: certcc
Published:
Updated: 2024-09-17T04:29:25.226Z
Reserved: 2011-02-03T00:00:00Z
Link: CVE-2011-0766

No data.

Status : Deferred
Published: 2011-05-31T20:55:01.780
Modified: 2025-04-11T00:51:21.963
Link: CVE-2011-0766

No data.

No data.