漏洞信息详情
Lincoln D. Stein Crypt::CBC Perl模块弱密文漏洞
- CNNVD编号:CNNVD-200602-398
- 危害等级: 低危
![图片[1]-Lincoln D. Stein Crypt::CBC Perl模块弱密文漏洞-一一网](https://www.proyy.com/skycj/data/images/2021-04-27/fa6998ac850c38cb90c47a02e5a8652c.png)
- CVE编号:
CVE-2006-0898
- 漏洞类型:
设计错误
- 发布时间:
2006-02-25
- 威胁类型:
远程
- 更新时间:
2006-02-27
- 厂 商:
lincoln_d._stein - 漏洞来源:
The vendor disclos… -
漏洞简介
Crypt::CBC Perl module 2.16及之前版本在RandomIV模式下运行时使用8个字节的初始化向量(IV),当与需要大于8字节块大小的密码(如Rijndael)一起使用时会导致更低的加密强度。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
Lincoln D. Stein Crypt::CBC 1.25
Lincoln D. Stein Crypt-CBC-2.17.tar.gz
http://search.cpan.org/CPAN/authors/id/L/LD/LDS/Crypt-CBC-2.17.tar.gz
Lincoln D. Stein Crypt::CBC 2.02
Lincoln D. Stein Crypt-CBC-2.17.tar.gz
http://search.cpan.org/CPAN/authors/id/L/LD/LDS/Crypt-CBC-2.17.tar.gz
Lincoln D. Stein Crypt::CBC 2.08
Lincoln D. Stein Crypt-CBC-2.17.tar.gz
http://search.cpan.org/CPAN/authors/id/L/LD/LDS/Crypt-CBC-2.17.tar.gz
Lincoln D. Stein Crypt::CBC 2.11
Lincoln D. Stein Crypt-CBC-2.17.tar.gz
http://search.cpan.org/CPAN/authors/id/L/LD/LDS/Crypt-CBC-2.17.tar.gz
Lincoln D. Stein Crypt::CBC 2.05
Lincoln D. Stein Crypt-CBC-2.17.tar.gz
http://search.cpan.org/CPAN/authors/id/L/LD/LDS/Crypt-CBC-2.17.tar.gz
Lincoln D. Stein Crypt::CBC 1.21
Lincoln D. Stein Crypt-CBC-2.17.tar.gz
http://search.cpan.org/CPAN/authors/id/L/LD/LDS/Crypt-CBC-2.17.tar.gz
Lincoln D. Stein Crypt::CBC 2.10
Lincoln D. Stein Crypt-CBC-2.17.tar.gz
http://search.cpan.org/CPAN/authors/id/L/LD/LDS/Crypt-CBC-2.17.tar.gz
Lincoln D. Stein Crypt::CBC 2.14
Lincoln D. Stein Crypt-CBC-2.17.tar.gz
http://search.cpan.org/CPAN/authors/id/L/LD/LDS/Crypt-CBC-2.17.tar.gz
Lincoln D. Stein Crypt::CBC 2.01
Lincoln D. Stein Crypt-CBC-2.17.tar.gz
http://search.cpan.org/CPAN/authors/id/L/LD/LDS/Crypt-CBC-2.17.tar.gz
Lincoln D. Stein Crypt::CBC 2.00
Lincoln D. Stein Crypt-CBC-2.17.tar.gz
http://search.cpan.org/CPAN/authors/id/L/LD/LDS/Crypt-CBC-2.17.tar.gz
Lincoln D. Stein Crypt::CBC 2.15
Lincoln D. Stein Crypt-CBC-2.17.tar.gz
http://search.cpan.org/CPAN/authors/id/L/LD/LDS/Crypt-CBC-2.17.tar.gz
Lincoln D. Stein Crypt::CBC 2.03
Lincoln D. Stein Crypt-CBC-2.17.tar.gz
http://search.cpan.org/CPAN/authors/id/L/LD/LDS/Crypt-CBC-2.17.tar.gz
Lincoln D. Stein Crypt::CBC 2.07
Lincoln D. Stein Crypt-CBC-2.17.tar.gz
http://search.cpan.org/CPAN/authors/id/L/LD/LDS/Crypt-CBC-2.17.tar.gz
Lincoln D. Stein Crypt::CBC 2.12
Debian libcrypt-cbc-perl_2.12-1sarge1_all.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/libc/libcrypt-cbc-perl/i bcrypt-cbc-perl_2.12-1sarge1_all.deb
Lincoln D. Stein Crypt-CBC-2.17.tar.gz
http://search.cpan.org/CPAN/authors/id/L/LD/LDS/Crypt-CBC-2.17.tar.gz
Lincoln D. Stein Crypt::CBC 1.10
Lincoln D. Stein Crypt-CBC-2.17.tar.gz
http://search.cpan.org/CPAN/authors/id/L/LD/LDS/Crypt-CBC-2.17.tar.gz
Lincoln D. Stein Crypt::CBC 1.20
Lincoln D. Stein Crypt-CBC-2.17.tar.gz
http://search.cpan.org/CPAN/authors/id/L/LD/LDS/Crypt-CBC-2.17.tar.gz
Lincoln D. Stein Crypt::CBC 2.16
Lincoln D. Stein Crypt-CBC-2.17.tar.gz
http://search.cpan.org/CPAN/authors/id/L/LD/LDS/Crypt-CBC-2.17.tar.gz
Lincoln D. Stein Crypt::CBC 2.04
Lincoln D. Stein Crypt-CBC-2.17.tar.gz
http://search.cpan.org/CPAN/authors/id/L/LD/LDS/Crypt-CBC-2.17.tar.gz
参考网址
来源: BID
名称: 16802
链接:http://www.securityfocus.com/bid/16802
来源: BUGTRAQ
名称: 20060223 Vulnerability in Crypt::CBC Perl module, versions <= 2.16
链接:http://www.securityfocus.com/archive/1/archive/1/425966/100/0/threaded
来源: SECUNIA
名称: 31493
链接:http://secunia.com/advisories/31493
来源: REDHAT
名称: RHSA-2008:0630
链接:http://rhn.redhat.com/errata/RHSA-2008-0630.html
来源: XF
名称: crypt-cbc-header-weak-encryption(24954)
链接:http://xforce.iss.net/xforce/xfdb/24954
来源: REDHAT
名称: RHSA-2008:0261
链接:http://www.redhat.com/support/errata/RHSA-2008-0261.html
来源: SUSE
名称: SUSE-SR:2006:015
链接:http://www.novell.com/linux/security/advisories/2006_38_security.html
来源: GENTOO
名称: GLSA-200603-15
链接:http://www.gentoo.org/security/en/glsa/glsa-200603-15.xml
来源: DEBIAN
名称: DSA-996
链接:http://www.debian.org/security/2006/dsa-996
来源: SREASON
名称: 488
链接:http://securityreason.com/securityalert/488
来源: SECUNIA
名称: 20899
链接:http://secunia.com/advisories/20899
来源: SECUNIA
名称: 19303
链接:http://secunia.com/advisories/19303
来源: SECUNIA
名称: 19187
链接:http://secunia.com/advisories/19187
来源: SECUNIA
名称: 18755
![[桜井宁宁]COS和泉纱雾超可爱写真福利集-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/4d3cf227a85d7e79f5d6b4efb6bde3e8.jpg)
![[桜井宁宁] 爆乳奶牛少女cos写真-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/d40483e126fcf567894e89c65eaca655.jpg)
