Description
The TLS implementation in EMC RSA BSAFE-C Toolkits (aka Share for C and C++) sends a long series of random bytes during use of the Dual_EC_DRBG algorithm, which makes it easier for remote attackers to obtain plaintext from TLS sessions by recovering the algorithm's inner state, a different issue than CVE-2007-6755.
References (2)
Core 2
Core References
Various Sources x_refsource_misc
http://dualec.org/DualECTLS.pdf
Various Sources x_refsource_misc
http://dualec.org/
Scores
EPSS
0.0022
EPSS Percentile
44.5%
Details
CWE
CWE-310
Status
published
Products (1)
dell/bsafe_share
Published
Jun 17, 2014
Tracked Since
Feb 18, 2026