The Erlang/OTP SSH library's random number generator is not cryptographically strong because it relies on predictable seed material.
Geoff Cant's report states:
The Erlang/OTP ssh library implements a number of cryptographic operations that depend on cryptographically strong random numbers. Unfortunately the RNG used by the library is not cryptographically strong, and is further weakened by the use of predictable seed material. The RNG (Wichmann-Hill) is not mixed with an entropy source.
An attacker can recover SSH session keys and DSA host keys.
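To make the report's point concrete, here is an added Python implementation of the Wichmann-Hill (AS 183) generator; it is not code from the CERT note or from Erlang/OTP. It shows why such a generator is unfit for key material: its entire state is three small integers (about 2^45 possible states), and the same seed always yields the same sequence, so anyone who knows or guesses the seed knows every "random" value. The seed triple (1, 1, 1) is a constructed example, and Python's secrets module stands in for an OS-entropy-backed CSPRNG as the remedy.

```python
import secrets

# Wichmann-Hill (AS 183): three linear congruential generators combined.
# Each component lives in 1..m-1, so the whole state fits in ~45 bits.
MODS = (30269, 30307, 30323)
MULTS = (171, 172, 170)


def wichmann_hill(seed):
    """Yield floats in [0, 1) from an (x, y, z) seed triple."""
    x, y, z = seed
    while True:
        x = (MULTS[0] * x) % MODS[0]
        y = (MULTS[1] * y) % MODS[1]
        z = (MULTS[2] * z) % MODS[2]
        yield (x / MODS[0] + y / MODS[1] + z / MODS[2]) % 1.0


def wh_sequence(seed, n):
    """First n outputs for a given seed; identical seeds give identical output."""
    gen = wichmann_hill(seed)
    return [next(gen) for _ in range(n)]


def state_space_bits():
    """Bits needed to count every reachable state: far below the ~128 bits
    a key-generation RNG must have."""
    states = 1
    for m in MODS:
        states *= m - 1
    return states.bit_length()  # 45


def strong_key(nbytes):
    """The correct source for session or host keys: OS entropy via a CSPRNG."""
    return secrets.token_bytes(nbytes)


if __name__ == "__main__":
    seed = (1, 1, 1)  # constructed; any fixed or guessable seed has the same problem
    print("state space bits:", state_space_bits())
    print("run 1:", wh_sequence(seed, 3))
    print("run 2:", wh_sequence(seed, 3))  # same seed, same values
    print("CSPRNG key:", strong_key(16).hex())
```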
Apply an Update
Thanks to Geoff Cant for reporting this vulnerability.
This document was written by Jared Allar.
Date First Published: 2011-05-25
Date Last Updated: 2011-05-25 14:25 UTC