6 matches found
[Full-disclosure] [ MDKSA-2006:023 ] - Updated perl-Net_SSLeay packages fix vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2006:023 http://www.mandriva.com/security/ Package : perl-NetSSLeay Date : January 26, 2006 Affected: 10.1, 10.2, 2006.0, Corporate 3.0 Problem Description: Javier Fernandez-Sanguino Pena discovered that the perl...
CVE-2005-0106
SSLeay.pm in libnet-ssleay-perl before 1.25 uses the /tmp/entropy file for entropy if a source is not set in the EGDPATH variable, which allows local users to reduce the cryptographic strength of certain operations by modifying the file...
DEBIAN-CVE-2005-0106
SSLeay.pm in libnet-ssleay-perl before 1.25 uses the /tmp/entropy file for entropy if a source is not set in the EGDPATH variable, which allows local users to reduce the cryptographic strength of certain operations by modifying the file...
CVE-2005-0106
SSLeay.pm in libnet-ssleay-perl before 1.25 uses the /tmp/entropy file for entropy if a source is not set in the EGDPATH variable, which allows local users to reduce the cryptographic strength of certain operations by modifying the file...
CVE-2005-0106
CVE-2005-0106 affects the perl module libnet-ssleay-perl (SSLeay.pm) before 1.25. When no entropy source is set in EGD_PATH, it falls back to the file /tmp/entropy, which an attacker with write access to that file could modify to weaken cryptographic operations. Consequence: potential partial imp...
CVE-2005-0106
SSLeay.pm in libnet-ssleay-perl before 1.25 uses the /tmp/entropy file for entropy if a source is not set in the EGDPATH variable, which allows local users to reduce the cryptographic strength of certain operations by modifying the file...