Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6043

Overview

Vulnerability Score 7.1 7.1
CVE Id CVE-2007-6043
Last Modified 05 Sep 2008 05:32:14
Published 20 Nov 2007 02:46:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-6043

Summary

The CryptGenRandom function in Microsoft Windows 2000 generates predictable values, which makes it easier for context-dependent attackers to reduce the effectiveness of cryptographic mechanisms, as demonstrated by attacks on (1) forward security and (2) backward security, related to use of eight instances of the RC4 cipher, and possibly a related issue to CVE-2007-3898.

Vulnerable Systems

Operating System

  • Microsoft Windows 2000


References

BID - 26495

MISC - http://www.computerworld.com.au/index.php/id;1165210682;fp;2;fpid;1

MISC - http://eprint.iacr.org/2007/419.pdf


Last Updated: 27 May 2016 10:46:22