The random number generator in the Crypto application before 2.0.2.2, and SSH before 2.0.5, as used in the Erlang/OTP ssh library before R14B03, uses predictable seeds based on the current time, which makes it easier for remote attackers to guess DSA host and SSH session keys.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: certcc

Published: 2011-05-31T20:00:00Z

Updated: 2024-09-17T04:29:25.226Z

Reserved: 2011-02-03T00:00:00Z

Link: CVE-2011-0766

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2011-05-31T20:55:01.780

Modified: 2023-09-25T15:28:08.560

Link: CVE-2011-0766

cve-icon Redhat

No data.