Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

Q-325: gnutls11 Cryptographic Weakness

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) Q-325: gnutls11 Cryptographic Weakness
# 1  
Old 12-24-2007
Q-325: gnutls11 Cryptographic Weakness
A flaw in GNU TLS cryptographic package that could allow an attacker to generate a forged signature that GNU TLS will accept as valid. The risk is LOW. Could allow an attacker to generate a forged signature that will be accepted as valid.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

2 More Discussions You Might Find Interesting

1. Solaris

Assigning cryptographic resources to the control domain

Sun documentation suggests that we need to assign cryptographic resources to the control domain as part of the initial configuration. I searched the documentation to better understand the purpose of this and know recommendation/limitation. I am doing this for Netra T5220 and wondering if the... (5 Replies)
Discussion started by: StarSol
5 Replies

2. UNIX for Advanced & Expert Users

Weakness in Perl CGI causes memory dump ??

I have discovered a curious phenomenon in GCI. I need some advice from someone far more adept. Is this a bug or potential security weakness? Context: Redhat 8.0 on xx86 (pentium 3) Apache 2.0, Perl 5.80 Background: I've been trying to harden a web application which accepts user uploaded... (0 Replies)
Discussion started by: andyj
0 Replies
Login or Register to Ask a Question

LEARN ABOUT CENTOS

pwmake

PWMAKE(1)						      General Commands Manual							 PWMAKE(1)

NAME

       pwmake - simple tool for generating random relatively easily pronounceable passwords

SYNOPSIS

       pwmake <entropy-bits>

DESCRIPTION

       pwmake  is  a  simple configurable tool for generating random and relatively easily pronounceable passwords. The tool allows you to specify
       the number of entropy bits that are used to generate the password.

       The entropy is pulled from /dev/urandom.

       The minimum number of bits is 56 which is usable for passwords on systems/services where brute force attacks are of very  limited  rate	of
       tries.  The 64 bits should be adequate for applications where the attacker does not have direct access to the password hash file. For situ-
       ations where the attacker might obtain the direct access to the password hash or the password is used as an encryption key 80 to  128  bits
       should be used depending on your level of paranoia.

OPTIONS

       The first and only argument is the number of bits of entropy used to generate the password.

FILES

       /etc/security/pwquality.conf - The configuration file for the libpwquality library.

RETURN CODES

       pwmake returns 0 on success, non zero on error.

SEE ALSO

       pwscore(1), pam_pwquality(8)

AUTHORS

       Tomas Mraz <tmraz@redhat.com>

Red Hat, Inc.							    10 Nov 2011 							 PWMAKE(1)