Unrated severityNVD Advisory· Published Jul 10, 2001· Updated Apr 16, 2026

CVE-2001-1141

Description

The Pseudo-Random Number Generator (PRNG) in SSLeay and OpenSSL before 0.9.6b allows attackers to use the output of small PRNG requests to determine the internal state information, which could be used by attackers to predict future pseudo-random numbers.

Affected products

OpenSSL Project/OpenSSL7 versions
cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*
Ssleay/Ssleay3 versions
cpe:2.3:a:ssleay:ssleay:0.8.1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:ssleay:ssleay:0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ssleay:ssleay:0.9:*:*:*:*:*:*:*
- cpe:2.3:a:ssleay:ssleay:0.9.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.redhat.com/support/errata/RHSA-2001-051.htmlnvdPatchVendor Advisory
www.securityfocus.com/archive/1/195829nvdPatchVendor Advisory
www.securityfocus.com/bid/3004nvdPatchVendor Advisory
ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-013.txt.ascnvd
distro.conectiva.com.br/atualizacoes/nvd
www.linux-mandrake.com/en/security/2001/MDKSA-2001-065.php3nvd
www.linuxsecurity.com/advisories/other_advisory-1483.htmlnvd
www.osvdb.org/853nvd
www.securityfocus.com/advisories/3475nvd
exchange.xforce.ibmcloud.com/vulnerabilities/6823nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000