Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
328
Views
0
Helpful
1
Replies

CSCve44806

Sandip_14
Level 1
Level 1

‎06-10-2017 11:30 PM - edited ‎03-20-2019 09:23 PM

Hi,

I was been going through the release note for Jabber 11.8.4 and I found the Bug "CSCve44806" in the same. When I tried to search the same bug in the Cisco Bug Search Tool, it tells "Insufficient Permissions to View Bug". Please help me out to understand subjected bug.

Labels:
0 Helpful
1 Reply 1

farcosre
Cisco Employee
Cisco Employee

‎06-14-2017 08:07 AM

Hi, about the bug, Jabber for Windows queries the file c:\dev\urandom during operation. /dev/urandom is the random number seed file on unix systems, however it is not a file that is normally present on the windows platform. Random numbers are normally used when establishing secure connections. With this file being easy to create on the windows platform, the random number data can be fixed and therefore the numbers used to generate the ssl connection can be fixed. This would allow an attacker to decrypt any secure communications made by the Jabber client.

greetings!

0 Helpful
Customers Also Viewed These Support Documents