This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.
The remote Red Hat host is missing one or more security updates.
An update for libgcrypt is now available for Red Hat Enterprise Linux
6 and Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security
impact of Moderate. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link(s) in the References section.
The libgcrypt library provides general-purpose implementations of
various cryptographic algorithms.
Security Fix(es) :
* A design flaw was found in the libgcrypt PRNG (Pseudo-Random Number
Generator). An attacker able to obtain the first 580 bytes of the PRNG
output could predict the following 20 bytes. (CVE-2016-6313)
Red Hat would like to thank Felix Dorre and Vladimir Klebanov for
reporting this issue.
See also :
Update the affected libgcrypt, libgcrypt-debuginfo and / or
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.1
Public Exploit Available : true