FreeBSD : Erlang -- ssh library uses a weak random number generator (e4833927-86e5-11e0-a6b4-000a5e1e33c6)
High Nessus Plugin ID 54826
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionUS-CERT reports :
The Erlang/OTP ssh library implements a number of cryptographic operations that depend on cryptographically strong random numbers.
Unfortunately the RNG used by the library is not cryptographically strong, and is further weakened by the use of predictable seed material. The RNG (Wichman-Hill) is not mixed with an entropy source.
SolutionUpdate the affected package.