CVE-2012-2387
devotee 0.1 patch 2 - Exposure of Sensitive Information via Weak Random Number Generation
Title source: llmDescription
devotee 0.1 patch 2 uses a 32-bit seed for generating 48-bit random numbers, which makes it easier for remote attackers to obtain the secret monikers via a brute force attack.
References (3)
Core 3
Core References
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/05/21/2
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/05/18/15
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/05/22/11
Scores
EPSS
0.0139
EPSS Percentile
69.1%
Details
CWE
CWE-200
Status
published
Products (1)
debian/devotee
0.1
Published
Aug 20, 2012
Tracked Since
Feb 18, 2026