Author: JT Smith
LinuxSecurity: “The pseudo-random number generator in OpenSSL versions up to 0.9.6a has
a design flaw. By knowing the output of specific PRNG requests, an
attacker would be able to determine the PRNG’s internal state and thus
predict future PRNG output.”
a design flaw. By knowing the output of specific PRNG requests, an
attacker would be able to determine the PRNG’s internal state and thus
predict future PRNG output.”
Category:
- Linux