CVE-2012-2387

CVE-2012-2387

EPSS 1.4%

devotee 0.1 patch 2 uses a 32-bit seed for generating 48-bit random numbers, which makes it easier for remote attackers to obtain the secret monikers via a brute force attack.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://www.openwall.com/lists/oss-security/2012/05/18/15 http://www.openwall.com/lists/oss-security/2012/05/21/2 http://www.openwall.com/lists/oss-security/2012/05/22/11