SecureScoutLogo.jpg
OpenSSL PRNG Internal State Disclosure Vulnerability



Go to Vulnerabilities List

General Info

TC: 12081
Description: OpenSSL is an implementation of Secure Socket Layer technology. This technology is typically tightly integrated into http communications allowing for the instantaneous switching to HTTPS (secure web communications) when encrypted communications are required.
OpenSSL versions prior to 0.9.6b contain a flaw in their pseudo-random number generator which allows attackers to use the output of small PRNG requests to determine the internal state information of the target, which could be used by attackers to predict future pseudo-random numbers.
TC Impact: Gather Info
Service: http


Specific Operations and Actions:

Vulnerability Publication: July 10, 2001
Advisory Copyright: Markku-Juhani O. Saarinen
Summary: An attacker can gain access to information about your computer which can aid in future attacks.
Risk: Medium
CVSS 2.0 metrics: Access Vector: Network
Access Complexity: Low
Authentication: None
Confidentiality Impact: Partial
Integrity Impact: None
Availability Impact: None
CVSS 2.0 Base Score: 5.0
Vulnerability Impact: Gather Info
Host Impact: That an attacker can gain access to information about your computer which can aid in future attacks.
Nature of Remediation: Update the software.
Step required to fix the reported vulnerability:

***** Solution type: Upgrade Software *****

Upgrade to a version of OpenSSL greater than 0.9.6a. See references for more details.


Glossary and References :

References: www.sans.org/top20/
* BUGTRAQ: 20010710 OpenSSL Security Advisory: PRNG weakness in versions up to 0.9.6a
http://www.securityfocus.com/archive/1/195829
* FREEBSD: FreeBSD-SA-01:51
http://www.securityfocus.com/advisories/3475
* NETBSD: NetBSD-SA2001-013
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-013.txt.asc
* REDHAT: RHSA-2001:051
http://www.redhat.com/support/errata/RHSA-2001-051.html
* BID: 3004
http://www.securityfocus.com/bid/3004
* OSVDB: 853
http://www.osvdb.org/853
* MISC:
http://www.sans.org/top20/2002/#U3

CVE Link: CVE-2001-1141
 CVE Compatible

Glossary: Brute Force Attack
HTTP
HTTPS
SSL

© 2003-2010 NexantiS Corporation (www.securescout.com)
SecureScout is a trademark of NexantiS
All Rights Reserved
All products names referenced herein are trademarks of their respective companies

SecureScout products are certified:
CVE Compatible
SANS TOP 20 Compatible
CVSS Compatible (Common Vulnerability Scoring System)