Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0106

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2005-0106
Last Modified 13 Nov 2009 12:39:05
Published 03 May 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-0106

Summary

SSLeay.pm in libnet-ssleay-perl before 1.25 uses the /tmp/entropy file for entropy if a source is not set in the EGD_PATH variable, which allows local users to reduce the cryptographic strength of certain operations by modifying the file.

Vulnerable Systems

Operating System

  • Ubuntu Linux 5.04


References

UBUNTU - USN-113-1

BID - 13471

MANDRIVA - MDKSA-2006:023

SECUNIA - 18639


Last Updated: 27 May 2016 10:39:40