Vulnerability Details CVE-2003-0094
A patch for mcookie in the util-linux package for Mandrake Linux 8.2 and 9.0 uses /dev/urandom instead of /dev/random, which causes mcookie to use an entropy source that is more predictable than expected, which may make it easier for certain types of attacks to succeed.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.9%
CVSS Severity
CVSS v2 Score 5.0
References
- http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:016
- http://www.securityfocus.com/bid/6855
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11318
- http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:016
- http://www.securityfocus.com/bid/6855
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11318
Products affected by CVE-2003-0094
-
cpe:2.3:a:andries_brouwer:util-linux:2.11n
-
cpe:2.3:a:andries_brouwer:util-linux:2.11u