CVE Vulnerabilities

CVE-2012-2417

Published: Jun 17, 2012 | Modified: Aug 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V2
4 MODERATE
AV:N/AC:H/Au:N/C:P/I:P/A:N
RedHat/V3
Ubuntu

PyCrypto before 2.6 does not produce appropriate prime numbers when using an ElGamal scheme to generate a key, which reduces the signature space or public key space and makes it easier for attackers to conduct brute force attacks to obtain the private key.

Affected Software

Name Vendor Start Version End Version
Pycrypto Dlitz 1.0.0 1.0.0
Pycrypto Dlitz 1.0.1 1.0.1
Pycrypto Dlitz 1.0.2 1.0.2
Pycrypto Dlitz 1.1 1.1
Pycrypto Dlitz 1.9 1.9
Pycrypto Dlitz 1.9 1.9
Pycrypto Dlitz 1.9 1.9
Pycrypto Dlitz 1.9 1.9
Pycrypto Dlitz 1.9 1.9
Pycrypto Dlitz 1.9 1.9
Pycrypto Dlitz 2.0 2.0
Pycrypto Dlitz 2.0.1 2.0.1
Pycrypto Dlitz 2.1.0 2.1.0
Pycrypto Dlitz 2.1.0 2.1.0
Pycrypto Dlitz 2.1.0 2.1.0
Pycrypto Dlitz 2.1.0 2.1.0
Pycrypto Dlitz 2.2 2.2
Pycrypto Dlitz 2.3 2.3
Pycrypto Dlitz 2.4 2.4
Pycrypto Dlitz 2.4.1 2.4.1
Pycrypto Dlitz * 2.5
Python-crypto Ubuntu hardy *
Python-crypto Ubuntu lucid *
Python-crypto Ubuntu natty *
Python-crypto Ubuntu oneiric *
Python-crypto Ubuntu precise *
Python-crypto Ubuntu upstream *

References