DEBIAN-CVE-2008-0299

See a problem?
Please try reporting it to the source first.
Source
https://security-tracker.debian.org/tracker/CVE-2008-0299
Import Source
https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2008-0299.json
JSON Data
https://api.osv.dev/v1/vulns/DEBIAN-CVE-2008-0299
Upstream
Published
2008-01-16T23:00:00Z
Modified
2025-11-19T01:01:59.414873Z
Summary
[none]
Details

common.py in Paramiko 1.7.1 and earlier, when using threads or forked processes, does not properly use RandomPool, which allows one session to obtain sensitive information from another session by predicting the state of the pool.

References

Affected packages

Debian:11 / paramiko

Package

Name
paramiko
Purl
pkg:deb/debian/paramiko?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.6.4-1.1

Ecosystem specific 

{
    "urgency": "low"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2008-0299.json"

Debian:12 / paramiko

Package

Name
paramiko
Purl
pkg:deb/debian/paramiko?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.6.4-1.1

Ecosystem specific 

{
    "urgency": "low"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2008-0299.json"

Debian:13 / paramiko

Package

Name
paramiko
Purl
pkg:deb/debian/paramiko?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.6.4-1.1

Ecosystem specific 

{
    "urgency": "low"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2008-0299.json"

Debian:14 / paramiko

Package

Name
paramiko
Purl
pkg:deb/debian/paramiko?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.6.4-1.1

Ecosystem specific 

{
    "urgency": "low"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2008-0299.json"