CVE-2011-2683

EUVD-2011-2665
reseed seeds random numbers from an insecure HTTP request to random.org during installation, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a man-in-the-middle attack.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.9 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 56%
Affected Products (NVD)
VendorProductVersion
reseed_projectreseed
-
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
reseed
hardy
ignored
lucid
ignored
maverick
ignored
natty
ignored
oneiric
dne
precise
dne
quantal
dne
raring
dne
saucy
dne
Common Weakness Enumeration
References
http://www.openwall.com/lists/oss-security/2011/07/06/8
http://www.openwall.com/lists/oss-security/2014/02/08/5
https://bugs.launchpad.net/ubuntu/+source/reseed/+bug/804594
http://www.openwall.com/lists/oss-security/2011/07/06/8
http://www.openwall.com/lists/oss-security/2014/02/08/5
https://bugs.launchpad.net/ubuntu/+source/reseed/+bug/804594