CVE-2008-5162 Vulnerability Details

  /     /     /  

CVE-2008-5162 Metadata Quick Info

CVE Published: 26/11/2008 | CVE Updated: 07/08/2024 | CVE Year: 2008
Source: freebsd | Vendor: n/a | Product: n/a
Status : PUBLISHED

---

CVE-2008-5162 Description

The arc4random function in the kernel in FreeBSD 6.3 through 7.1 does not have a proper entropy source for a short time period immediately after boot, which makes it easier for attackers to predict the function\'s return values and conduct certain attacks against the GEOM framework and various network protocols, related to the Yarrow random number generator.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: n/a
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).