Oval Definition:oval:com.ubuntu.artful:def:20076755000
Revision Date:2013-10-11Version:1
Title:CVE-2007-6755 on Ubuntu 17.10 (artful) - low.
Description:The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2007-6755
Platform(s):Ubuntu 17.10
Product(s):
Definition Synopsis
  • Ubuntu 17.10 (artful) is installed.
  • AND Package Information
  • NOT While related to the CVE in some way, the 'bouncycastle' package in artful is not affected (note: 'code not present').
  • OR NOT While related to the CVE in some way, the 'gnutls28' package in artful is not affected.
  • OR The vulnerability of the 'mbedtls' package in artful is not known (status: 'needs-triage'). It is pending evaluation.
  • OR NOT While related to the CVE in some way, the 'nss' package in artful is not affected.
  • OR NOT While related to the CVE in some way, the 'openssl' package in artful is not affected.
  • OR NOT While related to the CVE in some way, the 'python-crypto' package in artful is not affected.
  • BACK