cve/CVE-2013-7373.md at 7482ec4521a75dd13882dc1283f17009c936e974

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 01:04:30 +00:00

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

Android before 4.4 does not properly arrange for seeding of the OpenSSL PRNG, which makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging use of the PRNG within multiple applications.

POC

Reference

http://emboss.github.io/blog/2013/08/21/openssl-prng-is-not-really-fork-safe/
http://emboss.github.io/blog/2013/08/21/openssl-prng-is-not-really-fork-safe/
http://www.reddit.com/r/Android/comments/1k6f03/due_to_a_serious_encryptionrng_flaw_in_android/cblvum5
http://www.reddit.com/r/Android/comments/1k6f03/due_to_a_serious_encryptionrng_flaw_in_android/cblvum5

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/chnzzh/OpenSSL-CVE-lib

1.0 KiB Raw Blame History

CVE-2013-7373

Description

POC

Reference

Github

1.0 KiB

Raw Blame History