Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3087

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-3087
Last Modified 05 Sep 2008 04:53:25
Published 27 Sep 2005 04:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3087

Summary

The SecureW2 3.0 TLS implementation uses weak random number generators (rand and srand from system time) during generation of the pre-master secret (PMS), which makes it easier for attackers to guess the secret and decrypt sensitive data.

Vulnerable Systems

Application

  • Securew2 3.0


References

SECUNIA - 16909

FULLDISC - 20050923 SecureW2 TLS security problem


Last Updated: 27 May 2016 10:40:48