RSS   Vulnerabilities for 'Crypt-dsa'   RSS

2011-10-10
 
CVE-2011-3599

CWE-310
 

 
The Crypt::DSA (aka Crypt-DSA) module 1.17 and earlier for Perl, when /dev/random is absent, uses the Data::Random module, which makes it easier for remote attackers to spoof a signature, or determine the signing key of a signed message, via a brute-force attack.

 


Copyright 2024, cxsecurity.com

 

Back to Top