CVE Catalog
CVE-2000-0445
LowExploitation Probability (EPSS)
Low risk0.41%
33th percentile — higher than 33% of all known CVEs
Summary
The pgpk command in PGP 5.x on Unix systems uses an insufficiently random data source for non-interactive key pair generation, which may produce predictable keys.
Risk Assessment
Predictable keys could be exploited by attackers to break encryption, posing a serious threat to the organization's data security.
Recommendation
It is recommended to upgrade to a newer version of PGP that improves key generation to ensure an adequate level of randomness.
Original NVD description (English source)
The pgpk command in PGP 5.x on Unix systems uses an insufficiently random data source for non-interactive key pair generation, which may produce predictable keys.

