August 23, 2001

NetBSD: OpenSSL PRNG weakness

Author: JT Smith

Posted at LinuxSecurity.com: "The OpenSSL libcrypto includes a PRNG (pseudo random number generator)
implementation. The logic used for PRNG was not strong enough,
and allows attackers to guess the internal state of the PRNG.
Therefore, attackers can predict future PRNG output."

Category:

  • Linux
Click Here!