CVE-2026-57082
Gravedad CVSS v3.1:
MEDIA
Tipo:
CWE-330
Uso de valores insuficientemente aleatorios
Fecha de publicación:
30/06/2026
Última modificación:
30/06/2026
Descripción
*** Pendiente de traducción *** Net::BitTorrent versions through 2.0.1 for Perl generate the MSE Diffie-Hellman private key with a non-cryptographic PRNG.<br />
<br />
The MSE (Message Stream Encryption) handshake derives its 160-bit Diffie-Hellman private key from Perl&#39;s rand(), a non-cryptographic drand48-class generator seeded once per process, in KeyExchange.pm. The shared secret and the RC4 keys derived from it (the SHA-1 of "keyA" or "keyB", the shared secret, and the infohash) therefore depend entirely on a predictable PRNG. The same handshake sends, in cleartext, random padding drawn from the same rand() sequence in _random_pad, immediately after the public key and the private-key draw.<br />
<br />
A passive observer of the handshake recovers the PRNG state from the cleartext padding, reconstructs the private key, computes the shared secret from the peer&#39;s public key on the wire, derives the RC4 keys, and decrypts the connection, defeating the passive-observation obfuscation MSE provides.
Impacto
Puntuación base 3.x
5.90
Gravedad 3.x
MEDIA



