Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Net::NSCA::Client versions through 0.009002 for Perl uses a poor random number generator
Vulnerability Description
Net::NSCA::Client versions through 0.009002 for Perl uses a poor random number generator. Version v0.003 switched to use Data::Rand::Obscure instead of Crypt::Random for generation of a random initialisation vectors. Data::Rand::Obscure uses Perl's built-in rand() function, which is not suitable for cryptographic functions.
CVSS Information
N/A
Vulnerability Type
使用具有密码学弱点缺陷的PRNG
Vulnerability Title
Net::NSCA::Client 安全漏洞
Vulnerability Description
Net::NSCA::Client是DOUGDUDE个人开发者的一个Perl库。 Net::NSCA::Client 0.009002及之前版本存在安全漏洞,该漏洞源于使用不安全的随机数生成器,可能导致会话ID被预测。
CVSS Information
N/A
Vulnerability Type
N/A