Description
The OpenSSL extension of Ruby (Git trunk) versions after 2011-09-01 up to 2011-11-03 always generated an exponent value of '1' to be used for private RSA key generation. A remote attacker could use this flaw to bypass or corrupt integrity of services, depending on strong private RSA keys generation mechanism.
Remediation
References
Related Vulnerabilities
Magento Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-9690)
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.34)
WordPress Plugin Coming Soon Page & Maintenance Mode Cross-Site Request Forgery (1.7.8)
WordPress Plugin Advanced Dynamic Pricing for WooCommerce Multiple Vulnerabilities (4.1.5)
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-4223)