CVE-2012-2681 Information

Description

Cumin before 0.1.5444 as used in Red Hat Enterprise Messaging Realtime and Grid (MRG) 2.0 uses predictable random numbers to generate session keys which makes it easier for remote attackers to guess the session key.

Reference

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=827558 http://rhn.redhat.com/errata/RHSA-2012-1278.html http://rhn.redhat.com/errata/RHSA-2012-1281.html http://secunia.com/advisories/50660 http://www.securityfocus.com/bid/55618 https://exchange.xforce.ibmcloud.com/vulnerabilities/78771