The (1) make_nonce, (2) generate_nonce, and (3) generate_verifier functions in SimpleGeo python-oauth2 uses weak random numbers to generate nonces, which makes it easier for remote attackers to guess the nonce via a brute force attack.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2014-05-20T14:00:00

Updated: 2024-08-06T16:38:01.910Z

Reserved: 2013-06-12T00:00:00

Link: CVE-2013-4347

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2014-05-20T14:55:04.473

Modified: 2024-11-21T01:55:23.940

Link: CVE-2013-4347

cve-icon Redhat

Severity : Moderate

Publid Date: 2013-04-24T00:00:00Z

Links: CVE-2013-4347 - Bugzilla