FreeBSD : libtomcrypt -- weak signature scheme with ECC keys (a78299e7-9ef3-11da-b410-000e0c2e438a)

This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

The Secure Science Corporation reports that libtomcrypt is vulnerable
to a weak signature scheme. This allows an attacker to create a valid
random signature and use that to sign arbitrary messages without
requiring the private key.

See also :

http://marc.info/?l=bugtraq&m=111540819703204
http://www.nessus.org/u?1d4e4c63

Solution :

Update the affected package.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 21489 (freebsd_pkg_a78299e79ef311dab410000e0c2e438a.nasl)

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now