This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Pwgen Project First view 2014-12-19
Product Pwgen Last view 2020-01-27
Version 2.06 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:pwgen_project:pwgen

Activity : Overall

Related : CVE

  Date Alert Description
9.8 2020-01-27 CVE-2013-4441

The Phonemes mode in Pwgen 2.06 generates predictable passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.

5 2014-12-19 CVE-2013-4442

Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated numbers when /dev/urandom is unavailable, which makes it easier for context-dependent attackers to guess the numbers.

5 2014-12-19 CVE-2013-4440

Password Generator (aka Pwgen) before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.

CWE : Common Weakness Enumeration

%idName
33% (1) CWE-310 Cryptographic Issues
33% (1) CWE-307 Improper Restriction of Excessive Authentication Attempts
33% (1) CWE-255 Credentials Management

Nessus® Vulnerability Scanner

id Description
2015-01-09 Name: The remote Mandriva Linux host is missing a security update.
File: mandriva_MDVSA-2015-008.nasl - Type: ACT_GATHER_INFO
2014-12-17 Name: The remote Fedora host is missing a security update.
File: fedora_2014-16473.nasl - Type: ACT_GATHER_INFO
2014-12-15 Name: The remote Fedora host is missing a security update.
File: fedora_2014-16368.nasl - Type: ACT_GATHER_INFO
2014-12-15 Name: The remote Fedora host is missing a security update.
File: fedora_2014-16406.nasl - Type: ACT_GATHER_INFO