PT-2001-2283 · Openssl · Openssl

Published

2001-07-10

Updated

2017-10-10

CVE-2001-1141

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions OpenSSL versions prior to 0.9.6b

Description The issue concerns the Pseudo-Random Number Generator (PRNG) in SSLeay and OpenSSL, which allows attackers to determine the internal state information by using the output of small PRNG requests. This could potentially be used by attackers to predict future pseudo-random numbers.

Recommendations For versions prior to 0.9.6b, update to version 0.9.6b or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-1141

Affected Products

Openssl

PT-2001-2283 · Openssl · Openssl

CVE-2001-1141

Related Identifiers

Affected Products

References · 12