CVE-2022-34295
6.5MEDIUMtotd before 1.5.3 does not properly randomize mesg IDs.
Published: 6/23/2022Updated: 11/21/2024
Description
totd before 1.5.3 does not properly randomize mesg IDs.
AI AnalysisPowered by AI
Affected Products
totd_projecttotd
References
- http://www.hit.bme.hu/~lencse/publications/JCST-Apr14-2.pdfExploitTechnical DescriptionThird Party Advisory
- https://github.com/fwdillema/totd/commit/afd8a10a6a21f82a70940d1b43cff48143250399PatchThird Party Advisory
- https://github.com/fwdillema/totd/releases/tag/1.5.3PatchRelease NotesThird Party Advisory
- https://www.usenix.org/conference/usenixsecurity22/presentation/jeitnerVendor Advisory
- http://www.hit.bme.hu/~lencse/publications/JCST-Apr14-2.pdfExploitTechnical DescriptionThird Party Advisory
- https://github.com/fwdillema/totd/commit/afd8a10a6a21f82a70940d1b43cff48143250399PatchThird Party Advisory
- https://github.com/fwdillema/totd/releases/tag/1.5.3PatchRelease NotesThird Party Advisory
- https://www.usenix.org/conference/usenixsecurity22/presentation/jeitnerVendor Advisory