Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2006-0898

Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector (IV) of 8 bytes, which results in weaker encryption when used with a cipher that requires a larger block size than 8 bytes, such as Rijndael.

Related bugs and status

CVE-2006-0898 (Candidate) is related to these bugs:

Bug #1493037: lib*-perl dependencies of dh-golang and libtype-tiny-perl

Summary				In	Importance	Status
	1493037	lib*-perl dependencies of dh-golang and libtype-tiny-perl		Ubuntu	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

BID: 16802
SECUNIA: 18755
DEBIAN: DSA-996
SECUNIA: 19187
GENTOO: GLSA-200603-15
SECUNIA: 19303
SUSE: SUSE-SR:2006:015
SECUNIA: 20899
SREASON: 488
REDHAT: RHSA-2008:0261
REDHAT: RHSA-2008:0630
SECUNIA: 31493
XF: crypt-cbc-header-weak-...
BUGTRAQ: 20060223 Vulnerability...