Vulnerability Details CVE-2005-0106
SSLeay.pm in libnet-ssleay-perl before 1.25 uses the /tmp/entropy file for entropy if a source is not set in the EGD_PATH variable, which allows local users to reduce the cryptographic strength of certain operations by modifying the file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.7%
CVSS Severity
CVSS v2 Score 4.6
References
- http://secunia.com/advisories/18639
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:023
- http://www.securityfocus.com/bid/13471
- https://usn.ubuntu.com/113-1/
- http://secunia.com/advisories/18639
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:023
- http://www.securityfocus.com/bid/13471
- https://usn.ubuntu.com/113-1/
Products affected by CVE-2005-0106
-
cpe:2.3:o:ubuntu:ubuntu_linux:5.04