1 results (0.004 seconds)
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 1
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 1CVE-2017-2626 – libICE: weak entropy usage in session keys
https://notcve.org/view.php?id=CVE-2017-2626
01 Mar 2017 — It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list. Se ha descubierto que libICE en versiones anteriores a la 1.0.9-8 usaba una entropía débil para generar claves. Un atacante local podría utilizar este fallo para secuestrar sesiones utilizando la información disponible en la lista de procesos. It was discovered that libICE used a weak entropy to genera... • https://packetstorm.news/files/id/141367 • CWE-331: Insufficient Entropy •