WarCat team

2 exploits Active since May 2008
CVE-2008-0166 EXPLOITDB HIGH python WORKING POC
OpenSSL <0.9.8g-9 - Info Disclosure
OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote attackers to conduct brute force guessing attacks against cryptographic keys.
CVSS 7.5
CVE-2008-3280 EXPLOITDB MEDIUM python WORKING POC
OpenID - Use of Cryptographically Weak Pseudo-Random Number Generator
It was found that various OpenID Providers (OPs) had TLS Server Certificates that used weak keys, as a result of the Debian Predictable Random Number Generator (CVE-2008-0166). In combination with the DNS Cache Poisoning issue (CVE-2008-1447) and the fact that almost all SSL/TLS implementations do not consult CRLs (currently an untracked issue), this means that it is impossible to rely on these OPs.
CVSS 5.9