Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0094

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2003-0094
Last Modified 10 Sep 2008 08:05:48
Published 03 Mar 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0094

Summary

A patch for mcookie in the util-linux package for Mandrake Linux 8.2 and 9.0 uses /dev/urandom instead of /dev/random, which causes mcookie to use an entropy source that is more predictable than expected, which may make it easier for certain types of attacks to succeed.

Vulnerable Systems

Application

  • Andries Brouwer Util-linux 2.11n

  • Andries Brouwer Util-linux 2.11u


References

XF - utillinux-mcookie-cookie-predictable(11318)

BID - 6855

MANDRAKE - MDKSA-2003:016


Last Updated: 27 May 2016 10:37:47