Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2006-0898

Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector (IV) of 8 bytes, which results in weaker encryption when used with a cipher that requires a larger block size than 8 bytes, such as Rijndael.

Published

2006-02-25T11:02:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 2.6 (LOW)

CVSSv2 Vector

AV:N/AC:H/Au:N/C:P/I:N/A:N

Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

4.9

Impact Score

2.9

Weaknesses

Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	lincoln_d._stein	crypt_cbc	≤ 2.16	Yes
Application	lincoln_d._stein	crypt_cbc	1.00	Yes
Application	lincoln_d._stein	crypt_cbc	1.10	Yes
Application	lincoln_d._stein	crypt_cbc	1.20	Yes
Application	lincoln_d._stein	crypt_cbc	1.21	Yes
Application	lincoln_d._stein	crypt_cbc	1.22	Yes
Application	lincoln_d._stein	crypt_cbc	1.24	Yes
Application	lincoln_d._stein	crypt_cbc	1.25	Yes
Application	lincoln_d._stein	crypt_cbc	2.00	Yes
Application	lincoln_d._stein	crypt_cbc	2.01	Yes
Application	lincoln_d._stein	crypt_cbc	2.02	Yes
Application	lincoln_d._stein	crypt_cbc	2.03	Yes
Application	lincoln_d._stein	crypt_cbc	2.04	Yes
Application	lincoln_d._stein	crypt_cbc	2.05	Yes
Application	lincoln_d._stein	crypt_cbc	2.07	Yes
Application	lincoln_d._stein	crypt_cbc	2.08	Yes
Application	lincoln_d._stein	crypt_cbc	2.09	Yes
Application	lincoln_d._stein	crypt_cbc	2.10	Yes
Application	lincoln_d._stein	crypt_cbc	2.11	Yes
Application	lincoln_d._stein	crypt_cbc	2.12	Yes
Application	lincoln_d._stein	crypt_cbc	2.13	Yes
Application	lincoln_d._stein	crypt_cbc	2.14	Yes
Application	lincoln_d._stein	crypt_cbc	2.15	Yes

References

http://rhn.redhat.com/errata/RHSA-2008-0630.html ([email protected])
http://secunia.com/advisories/18755 ([email protected])
http://secunia.com/advisories/19187 ([email protected])
http://secunia.com/advisories/19303 ([email protected])
http://secunia.com/advisories/20899 ([email protected])
http://secunia.com/advisories/31493 ([email protected])
http://securityreason.com/securityalert/488 ([email protected])
http://www.debian.org/security/2006/dsa-996 ([email protected])
http://www.gentoo.org/security/en/glsa/glsa-200603-15.xml ([email protected])
http://www.novell.com/linux/security/advisories/2006_38_security.html ([email protected])
http://www.redhat.com/support/errata/RHSA-2008-0261.html ([email protected])
http://www.securityfocus.com/archive/1/425966/100/0/threaded ([email protected])
http://www.securityfocus.com/bid/16802 Patch ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/24954 ([email protected])
http://rhn.redhat.com/errata/RHSA-2008-0630.html (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18755 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/19187 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/19303 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/20899 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/31493 (af854a3a-2127-422b-91ae-364da2661108)
http://securityreason.com/securityalert/488 (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2006/dsa-996 (af854a3a-2127-422b-91ae-364da2661108)
http://www.gentoo.org/security/en/glsa/glsa-200603-15.xml (af854a3a-2127-422b-91ae-364da2661108)
http://www.novell.com/linux/security/advisories/2006_38_security.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2008-0261.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/425966/100/0/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/16802 Patch (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/24954 (af854a3a-2127-422b-91ae-364da2661108)