MidnightBSD

Advisories for adam_kennedy

CVE-2011-3599 MEDIUM

The Crypt::DSA (aka Crypt-DSA) module 1.17 and earlier for Perl, when /dev/random is absent, uses the Data::Random module, which makes it easier for remote attackers to spoof a signature, or determine the signing key of a signed message, via a brute-force attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
adam_kennedy crypt-dsa 0.14
adam_kennedy crypt-dsa 0.11
adam_kennedy crypt-dsa 0.12
adam_kennedy crypt-dsa 0.15_01
adam_kennedy crypt-dsa 0.02
adam_kennedy crypt-dsa 0.10
adam_kennedy crypt-dsa 0.13
adam_kennedy crypt-dsa 0.03
adam_kennedy crypt-dsa *
adam_kennedy crypt-dsa 1.16
adam_kennedy crypt-dsa 0.01