ALT Linux Team

Package pwgen update in sisyphus on 2019-08-26

ALT-PU-2019-2538-1

Package pwgen updated to version 2.08-alt1 for branch sisyphus in task 236621.

Closed vulnerabilities

Published: 2014-12-19
Modified: 2024-11-21

CVE-2013-4440

Password Generator (aka Pwgen) before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.

Severity: MEDIUM (5.0)
References:
Published: 2020-01-27
Modified: 2024-11-21

CVE-2013-4441

The Phonemes mode in Pwgen 2.06 generates predictable passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.

Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2014-12-19
Modified: 2024-11-21

CVE-2013-4442

Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated numbers when /dev/urandom is unavailable, which makes it easier for context-dependent attackers to guess the numbers.

Severity: MEDIUM (5.0)
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top