Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Gentoo: GLSA-200803-07 Low Severity: Paramiko Information Disclosure

gentoo
Calendar Grey March 3, 2008
Dist Gentoo Esm H88
Protect user security with Gentoo's minor advisory concerning Paramiko's inadequate randomness, which may result in data exposure.
Unsafe randomness usage in Paramiko may allow access to sensitive information.

Summary

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gentoo Linux Security Advisory                           GLSA 200803-07
                                            https://security.gentoo.org/

  Severity: Low
     Title: Paramiko: Information disclosure
      Date: March 03, 2008
      Bugs: #205777
        ID: 200803-07


Synopsis
=======
Unsafe randomness usage in Paramiko may allow access to sensitive
information.

Background
=========
Paramiko is a Secure Shell Server implementation written in Python.

Affected packages
================
    -------------------------------------------------------------------
     Package              /  Vulnerable  /                  Unaffected
    -------------------------------------------------------------------
  1  dev-python/paramiko       < 1.7.2                        >= 1.7.2

==========
Dwayne C. Litzenberger reported that the file "common.py" does not
properly use RandomPool when using threads or forked processes.

Impact
=====
A remote attack...
Read the Full Advisory
Topics%20covered

Topics Covered

security advisory information leak gentoo low severity information disclosure secure shell paramiko

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Severity
low
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory information leak gentoo low severity information disclosure secure shell paramiko

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here