CVE-2006-0898

EPSS 1.44%
Veröffentlicht 25.02.2006 11:02:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector (IV) of 8 bytes, which results in weaker encryption when used with a cipher that requires a larger block size than 8 bytes, such as Rijndael.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 17

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Lincoln D. Stein ≫ Crypt Cbc Version <= 2.16

Lincoln D. Stein ≫ Crypt Cbc Version1.00

Lincoln D. Stein ≫ Crypt Cbc Version1.10

Lincoln D. Stein ≫ Crypt Cbc Version1.20

Lincoln D. Stein ≫ Crypt Cbc Version1.21

Lincoln D. Stein ≫ Crypt Cbc Version1.22

Lincoln D. Stein ≫ Crypt Cbc Version1.24

Lincoln D. Stein ≫ Crypt Cbc Version1.25

Lincoln D. Stein ≫ Crypt Cbc Version2.00

Lincoln D. Stein ≫ Crypt Cbc Version2.01

Lincoln D. Stein ≫ Crypt Cbc Version2.02

Lincoln D. Stein ≫ Crypt Cbc Version2.03

Lincoln D. Stein ≫ Crypt Cbc Version2.04

Lincoln D. Stein ≫ Crypt Cbc Version2.05

Lincoln D. Stein ≫ Crypt Cbc Version2.07

Lincoln D. Stein ≫ Crypt Cbc Version2.08

Lincoln D. Stein ≫ Crypt Cbc Version2.09

Lincoln D. Stein ≫ Crypt Cbc Version2.10

Lincoln D. Stein ≫ Crypt Cbc Version2.11

Lincoln D. Stein ≫ Crypt Cbc Version2.12

Lincoln D. Stein ≫ Crypt Cbc Version2.13

Lincoln D. Stein ≫ Crypt Cbc Version2.14

Lincoln D. Stein ≫ Crypt Cbc Version2.15

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.44%	0.8

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	2.6	4.9	2.9	AV:N/AC:H/Au:N/C:P/I:N/A:N

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://www.redhat.com/support/errata/RHSA-2008-0261.html

http://rhn.redhat.com/errata/RHSA-2008-0630.html

http://secunia.com/advisories/31493

http://secunia.com/advisories/18755

http://secunia.com/advisories/19187

http://secunia.com/advisories/19303

http://secunia.com/advisories/20899

http://securityreason.com/securityalert/488

http://www.debian.org/security/2006/dsa-996

http://www.gentoo.org/security/en/glsa/glsa-200603-15.xml

http://www.novell.com/linux/security/advisories/2006_38_security.html

http://www.securityfocus.com/archive/1/425966/100/0/threaded

http://www.securityfocus.com/bid/16802

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/24954

https://nvd.nist.gov/vuln/detail/CVE-2006-0898

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-0898

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-0898

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2006-0898