A casting error in Chicken before 4.8.0 on 64-bit platform caused the random number generator to return a constant value. NOTE: the vendor states "This function wasn't used for security purposes (and is advertised as being unsuitable)."
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2013/02/08/2 | Mailing List Patch Third Party Advisory |
https://access.redhat.com/security/cve/cve-2012-6124 | Broken Link |
https://lists.nongnu.org/archive/html/chicken-hackers/2012-02/msg00084.html | Mailing List Patch Third Party Advisory |
https://security-tracker.debian.org/tracker/CVE-2012-6124 | Third Party Advisory |
Configurations
History
No history.
Information
Published : 2019-10-31 21:15
Updated : 2024-02-28 17:28
NVD link : CVE-2012-6124
Mitre link : CVE-2012-6124
CVE.ORG link : CVE-2012-6124
JSON object : View
Products Affected
call-cc
- chicken
CWE
CWE-338
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)