{"id":"DEBIAN-CVE-2011-0766","details":"The random number generator in the Crypto application before 2.0.2.2, and SSH before 2.0.5, as used in the Erlang/OTP ssh library before R14B03, uses predictable seeds based on the current time, which makes it easier for remote attackers to guess DSA host and SSH session keys.","modified":"2026-04-28T20:06:26.105042Z","published":"2011-05-31T20:55:01.780Z","upstream":["CVE-2011-0766"],"references":[{"type":"ADVISORY","url":"https://security-tracker.debian.org/tracker/CVE-2011-0766"}],"affected":[{"package":{"name":"erlang","ecosystem":"Debian:11","purl":"pkg:deb/debian/erlang?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:14.b.3-dfsg-1"}]}],"ecosystem_specific":{"urgency":"low"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2011-0766.json"}},{"package":{"name":"erlang","ecosystem":"Debian:12","purl":"pkg:deb/debian/erlang?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:14.b.3-dfsg-1"}]}],"ecosystem_specific":{"urgency":"low"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2011-0766.json"}},{"package":{"name":"erlang","ecosystem":"Debian:13","purl":"pkg:deb/debian/erlang?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:14.b.3-dfsg-1"}]}],"ecosystem_specific":{"urgency":"low"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2011-0766.json"}},{"package":{"name":"erlang","ecosystem":"Debian:14","purl":"pkg:deb/debian/erlang?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:14.b.3-dfsg-1"}]}],"ecosystem_specific":{"urgency":"low"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2011-0766.json"}}],"schema_version":"1.7.5"}