Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0535

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2000-0535
Last Modified 10 Sep 2008 03:05:00
Published 12 Jun 2000 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-0535

Summary

OpenSSL 0.9.4 and OpenSSH for FreeBSD do not properly check for the existence of the /dev/random or /dev/urandom devices, which are absent on FreeBSD Alpha systems, which causes them to produce weak keys which may be more easily broken.

Vulnerable Systems

Operating System

  • Freebsd 4.0

  • Freebsd 5.0

Application

  • Openssl 0.9.4


References

BID - 1340

FREEBSD - FreeBSD-SA-00:25


Last Updated: 27 May 2016 10:35:45