CVE-2007-5502
NONEThe PRNG implementation for the OpenSSL FIPS Object Module 1.1.1 does not perform auto-seeding during the FIPS self-test, which generates random data that is more predictable than expected and makes i
게시됨: 12/1/2007업데이트됨: 4/9/2025
설명
The PRNG implementation for the OpenSSL FIPS Object Module 1.1.1 does not perform auto-seeding during the FIPS self-test, which generates random data that is more predictable than expected and makes it easier for attackers to bypass protection mechanisms that rely on the randomness.
AI 분석AI 기반
영향받는 제품
opensslfips_object_module
1.1.1
참조
- http://secunia.com/advisories/27859PatchVendor Advisory
- http://www.kb.cert.org/vuls/id/150249US Government Resource
- http://www.openssl.org/news/secadv_20071129.txt
- http://www.securityfocus.com/bid/26652Patch
- http://www.securitytracker.com/id?1019029
- http://www.vupen.com/english/advisories/2007/4044
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38796
- http://secunia.com/advisories/27859PatchVendor Advisory
- http://www.kb.cert.org/vuls/id/150249US Government Resource
- http://www.openssl.org/news/secadv_20071129.txt
- http://www.securityfocus.com/bid/26652Patch
- http://www.securitytracker.com/id?1019029
- http://www.vupen.com/english/advisories/2007/4044
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38796