NuytsTech Security

CVE-2011-3599

by ·

The Crypt::DSA (aka Crypt-DSA) module 1.17 and earlier for Perl, when /dev/random is absent, uses the Data::Random module, which makes it easier for remote attackers to spoof a signature, or determine the signing key of a signed message, via a brute-force attack.

Date published : 2011-10-10

http://www.securityfocus.com/bid/49928

https://bugzilla.redhat.com/show_bug.cgi?id=743567

Tags: