Weak Key Generation Vulnerability in OpenSSL and OpenSSH for FreeBSD Alpha Systems

Weak Key Generation Vulnerability in OpenSSL and OpenSSH for FreeBSD Alpha Systems

CVE-2000-0535 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

OpenSSL 0.9.4 and OpenSSH for FreeBSD do not properly check for the existence of the /dev/random or /dev/urandom devices, which are absent on FreeBSD Alpha systems, which causes them to produce weak keys which may be more easily broken.

Learn more about our Web Application Penetration Testing UK.