Description
The Dual_EC_DRBG implementation in EMC RSA BSAFE-C Toolkits (aka Share for C and C++) processes certain requests for output bytes by considering only the requested byte count and not the use of cached bytes, which makes it easier for remote attackers to obtain plaintext from TLS sessions by recovering the algorithm's inner state, a different issue than CVE-2007-6755.
References (2)
Core References
http://dualec.org/DualECTLS.pdf (Various Sources, x_refsource_misc)
http://dualec.org/ (Various Sources, x_refsource_misc)
Scores
EPSS: 0.0022
EPSS Percentile: 44.5%
Details
CWE: CWE-310
Status: published
Products (1): dell/bsafe_share
Published: Jun 17, 2014
Tracked Since: Feb 18, 2026