Strix
26.1K

CVE-2006-1833

UnknownEPSS 0.83%

Last modified

CVE-2006-1833 is a vulnerability of currently unknown severity. Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the presence of the pchb interface, which will cause it to always generate the same random number, which allows remote attackers to more easily crack encryption keys generated from the interface.. EPSS estimates a 0.83% chance of exploitation in the next 30 days.

Description

Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the presence of the pchb interface, which will cause it to always generate the same random number, which allows remote attackers to more easily crack encryption keys generated from the interface.

Metrics

EPSS Probability
0.83%

53.0th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
NetbsdNetbsd1.6
NetbsdNetbsd1.6.1
NetbsdNetbsd1.6.2
NetbsdNetbsd2.0
NetbsdNetbsd2.0.1
NetbsdNetbsd2.0.2
NetbsdNetbsd2.0.3
NetbsdNetbsd2.1
NetbsdNetbsd3.0

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2006-1833?
Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the presence of the pchb interface, which will cause it to always generate the same random number, which allows remote attackers to more easily crack encryption keys generated from the interface.
How severe is CVE-2006-1833?
Severity scoring for CVE-2006-1833 is pending analysis. The EPSS model estimates a 0.83% probability of exploitation in the next 30 days.
How do I fix CVE-2006-1833?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2006-1833?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST