Weak Random Number Generators in SecureW2 3.0 TLS Implementation: A Vulnerability
CVE-2005-3087 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
The SecureW2 3.0 TLS implementation uses weak random number generators (rand and srand from system time) during generation of the pre-master secret (PMS), which makes it easier for attackers to guess the secret and decrypt sensitive data.
Learn more about our Web Application Penetration Testing UK.