SecuritySpace - CVE-2013-7295

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2013-7295

Description: Tor before 0.2.4.20, when OpenSSL 1.x is used in conjunction with a certain HardwareAccel setting on Intel Sandy Bridge and Ivy Bridge platforms, does not properly generate random numbers for (1) relay identity keys and (2) hidden-service identity keys, which might make it easier for remote attackers to bypass cryptographic protection mechanisms via unspecified vectors.

Test IDs: 1.3.6.1.4.1.25623.1.1.10.2014.0059

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2013-7295
https://lists.torproject.org/pipermail/tor-talk/2013-December/031483.html
SuSE Security Announcement: openSUSE-SU-2014:0143 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-01/msg00095.html

CVE ID:	CVE-2013-7295
Description:	Tor before 0.2.4.20, when OpenSSL 1.x is used in conjunction with a certain HardwareAccel setting on Intel Sandy Bridge and Ivy Bridge platforms, does not properly generate random numbers for (1) relay identity keys and (2) hidden-service identity keys, which might make it easier for remote attackers to bypass cryptographic protection mechanisms via unspecified vectors.
Test IDs:	1.3.6.1.4.1.25623.1.1.10.2014.0059
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2013-7295 https://lists.torproject.org/pipermail/tor-talk/2013-December/031483.html SuSE Security Announcement: openSUSE-SU-2014:0143 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-01/msg00095.html