Erlang OTP up to R14b02 Random Number Generator cryptographic issues
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 7.2 | $0-$5k | 0.00 |
A vulnerability classified as critical has been found in Erlang OTP up to R14b02. This affects an unknown code of the component Random Number Generator. The manipulation with an unknown input leads to a cryptographic issues vulnerability. CWE is classifying the issue as CWE-310. This is going to have an impact on confidentiality. The summary by CVE is:
The random number generator in the Crypto application before 2.0.2.2, and SSH before 2.0.5, as used in the Erlang/OTP ssh library before R14B03, uses predictable seeds based on the current time, which makes it easier for remote attackers to guess DSA host and SSH session keys.
The weakness was disclosed 05/31/2011 by Geoff as confirmed advisory (CERT.org). The advisory is shared at kb.cert.org. This vulnerability is uniquely identified as CVE-2011-0766 since 02/03/2011. The exploitability is told to be easy. It is possible to initiate the attack remotely. No form of authentication is needed for exploitation. Neither technical details nor an exploit are publicly available. MITRE ATT&CK project uses the attack technique T1600 for this issue.
The vulnerability scanner Nessus provides a plugin with the ID 54826 (FreeBSD : Erlang -- ssh library uses a weak random number generator (e4833927-86e5-11e0-a6b4-000a5e1e33c6)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family FreeBSD Local Security Checks.
Upgrading to version R12b-5 eliminates this vulnerability.
The vulnerability is also documented in the databases at X-Force (67640) and Tenable (54826).
Product
Vendor
Name
Version
License
CPE 2.3
CPE 2.2
CVSSv4
VulDB CVSS-B Score: 🔍VulDB CVSS-BT Score: 🔍
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 7.5VulDB Meta Temp Score: 7.2
VulDB Base Score: 7.5
VulDB Temp Score: 7.2
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| unlock | unlock | unlock | unlock | unlock | unlock |
| unlock | unlock | unlock | unlock | unlock | unlock |
| unlock | unlock | unlock | unlock | unlock | unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Cryptographic issuesCWE: CWE-310
CAPEC: 🔍
ATT&CK: 🔍
Local: No
Remote: Yes
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | unlock | unlock | unlock | unlock |
|---|---|---|---|---|
| Today | unlock | unlock | unlock | unlock |
Nessus ID: 54826
Nessus Name: FreeBSD : Erlang -- ssh library uses a weak random number generator (e4833927-86e5-11e0-a6b4-000a5e1e33c6)
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Port: 🔍
OpenVAS ID: 69757
OpenVAS Name: FreeBSD Ports: erlang
OpenVAS File: 🔍
OpenVAS Family: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Upgrade: OTP R12b-5
Patch: github.com
Timeline
02/03/2011 🔍05/25/2011 🔍
05/25/2011 🔍
05/26/2011 🔍
05/26/2011 🔍
05/31/2011 🔍
05/31/2011 🔍
06/01/2011 🔍
03/23/2015 🔍
11/07/2021 🔍
Sources
Advisory: f228601de45c5b53241b103af6616453c50885a5Researcher: Geoff
Status: Confirmed
Confirmation: 🔍
CVE: CVE-2011-0766 (🔍)
X-Force: 67640
Vulnerability Center: 31613 - Erlang/OTP before R14B03 SSH Random Number Generator Creates Predictable Seeds, Medium
SecurityFocus: 47980 - Erlang/OTP SSH Library Random Number Generator Weakness
Secunia: 44709 - Erlang/OTP SSH Insecure Random Number Generator Security Issue, Less Critical
Entry
Created: 03/23/2015 16:50Updated: 11/07/2021 22:25
Changes: 03/23/2015 16:50 (64), 03/23/2017 07:44 (12), 11/07/2021 22:16 (4), 11/07/2021 22:25 (1)
Complete: 🔍
No comments yet. Languages: en.
Please log in to comment.