Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Dual_EC_DRBG implementation in EMC RSA BSAFE-C Toolkits (aka Share for C and C++) processes certain requests for output bytes by considering only the requested byte count and not the use of cached bytes, which makes it easier for remote attackers to obtain plaintext from TLS sessions by recovering the algorithm's inner state, a different issue than CVE-2007-6755.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
EMC RSA BSAFE-C Toolkits 安全漏洞
Vulnerability Description
EMC RSA BSAFE-C Toolkits(也称Share for C and C++)是美国易安信(EMC)公司的一套支持C和C++语言的加密工具包,它能够帮助开发人员实现安全的应用程序设计,并支持对漏洞进行定期修复。 EMC RSA BSAFE-C Toolkits的Dual_EC_DRBG实现过程存在安全漏洞,该漏洞源于程序处理某些输出字节请求,只考虑请求的字节数,没有使用缓存的字节。远程攻击者可利用该漏洞从TLS会话中获取明文。
CVSS Information
N/A
Vulnerability Type
N/A