CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-0353

unix_random.c in lshd for lsh 2.0.1 leaks file descriptors related to the randomness generator, which allows local users to cause a denial of service by truncating the seed file, which prevents the server from starting, or obtain sensitive seed information that could be used to crack keys.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 23.6%

CVSS Severity

CVSS v2 Score 3.6

References

http://lists.lysator.liu.se/pipermail/lsh-bugs/2006q1/000467.html
http://secunia.com/advisories/18564
http://secunia.com/advisories/18623
http://www.debian.org/security/2006/dsa-956
http://www.osvdb.org/22695
http://www.securityfocus.com/bid/16357
http://www.vupen.com/english/advisories/2006/0301
https://exchange.xforce.ibmcloud.com/vulnerabilities/24263
http://lists.lysator.liu.se/pipermail/lsh-bugs/2006q1/000467.html
http://secunia.com/advisories/18564
http://secunia.com/advisories/18623
http://www.debian.org/security/2006/dsa-956
http://www.osvdb.org/22695
http://www.securityfocus.com/bid/16357
http://www.vupen.com/english/advisories/2006/0301
https://exchange.xforce.ibmcloud.com/vulnerabilities/24263

Products affected by CVE-2006-0353

Gnu » Lsh » Version: 2.0.1

cpe:2.3:a:gnu:lsh:2.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-0353

Products

Pricing

Contact Us