Vulnerability Details CVE-2012-2387
devotee 0.1 patch 2 uses a 32-bit seed for generating 48-bit random numbers, which makes it easier for remote attackers to obtain the secret monikers via a brute force attack.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 51.5%
CVSS Severity
CVSS v2 Score 5.0
References
- http://www.openwall.com/lists/oss-security/2012/05/18/15
- http://www.openwall.com/lists/oss-security/2012/05/21/2
- http://www.openwall.com/lists/oss-security/2012/05/22/11
- http://www.openwall.com/lists/oss-security/2012/05/18/15
- http://www.openwall.com/lists/oss-security/2012/05/21/2
- http://www.openwall.com/lists/oss-security/2012/05/22/11