Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-2681

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2012-2681
Last Modified 24 Nov 2013 11:25:42
Published 28 Sep 2012 01:55:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-2681

Summary

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, uses predictable random numbers to generate session keys, which makes it easier for remote attackers to guess the session key.

Vulnerable Systems

Application

  • Redhat Enterprise Mrg 2.0

  • Trevor Mckay Cumin 0.1.3160-1

  • Trevor Mckay Cumin 0.1.4369-1

  • Trevor Mckay Cumin 0.1.4410-2

  • Trevor Mckay Cumin 0.1.4494-1

  • Trevor Mckay Cumin 0.1.4794-1

  • Trevor Mckay Cumin 0.1.4916-1

  • Trevor Mckay Cumin 0.1.5098-2

  • Trevor Mckay Cumin 0.1.5192-1

  • Trevor Mckay Cumin 0.1.5192-4


References

REDHAT - RHSA-2012:1281

REDHAT - RHSA-2012:1278

MISC - http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=827558

XF - cumin-redhat-weak-security(78771)

BID - 55618

SECUNIA - 50660


Last Updated: 27 May 2016 11:00:50