Oval Definition:oval:com.ubuntu.xenial:def:20076755000
Revision Date:2013-10-11Version:1
Title:CVE-2007-6755 on Ubuntu 16.04 LTS (xenial) - low.
Description:The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2007-6755
Platform(s):Ubuntu 16.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 16.04 LTS (xenial) is installed.
  • AND Package Information
  • NOT While related to the CVE in some way, the 'bouncycastle' package in xenial is not affected (note: 'code not present').
  • OR NOT While related to the CVE in some way, the 'gnutls28' package in xenial is not affected.
  • OR NOT While related to the CVE in some way, the 'mbedtls' package in xenial is not affected.
  • OR NOT While related to the CVE in some way, the 'nss' package in xenial is not affected.
  • OR NOT While related to the CVE in some way, the 'openssl' package in xenial is not affected.
  • OR NOT While related to the CVE in some way, the 'python-crypto' package in xenial is not affected.
  • BACK