CVE-2009-5057 (retired)

Priority
Description
The S/MIME feature in Open Ticket Request System (OTRS) before 2.3.4 does
not configure the RANDFILE and HOME environment variables for OpenSSL,
which might make it easier for remote attackers to decrypt e-mail messages
that had lower than intended entropy available for cryptographic
operations, related to inability to write to the seeding file.
Notes
Package
Source: otrs2 (LP Ubuntu Debian)
Upstream:released (2.3.4)
More Information

Updated: 2019-10-09 07:23:38 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)