1 results (0.001 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors. Beaker anteriores v1.6.4, cuando se usa PyCrypto para cifrar sesiones, usa AES en modo de cifrado ECB, lo que podría permitir a atacantes remotos obtener porciones de información sensible a través de vectores no especificados. • http://secunia.com/advisories/50226 http://secunia.com/advisories/50520 http://www.debian.org/security/2012/dsa-2541 http://www.openwall.com/lists/oss-security/2012/08/13/10 https://bugzilla.redhat.com/show_bug.cgi?id=809267 https://github.com/bbangert/beaker/commit/91becae76101cf87ce8cbfabe3af2622fc328fe5 • CWE-310: Cryptographic Issues •