Debian DSA-956-1 : lsh-server - filedescriptor leak

Stefan Pfetzing discovered that lshd, a Secure Shell v2 SSH2 protocol server, leaks a couple of file descriptors, related to the randomness generator, to user shells which are started by lshd. A local attacker can truncate the server's seed file, which may prevent the server from starting, and wi...

DSA-956-1 lsh-server - filedescriptor leak

Bulletin has no description...

Design/Logic Flaw

unixrandom.c in lshd for lsh 2.0.1 leaks file descriptors related to the randomness generator, which allows local users to cause a denial of service by truncating the seed file, which prevents the server from starting, or obtain sensitive seed information that could be used to crack keys...

DEBIAN-CVE-2006-0353

unixrandom.c in lshd for lsh 2.0.1 leaks file descriptors related to the randomness generator, which allows local users to cause a denial of service by truncating the seed file, which prevents the server from starting, or obtain sensitive seed information that could be used to crack keys...

CVE-2006-0353

unixrandom.c in lshd for lsh 2.0.1 leaks file descriptors related to the randomness generator, which allows local users to cause a denial of service by truncating the seed file, which prevents the server from starting, or obtain sensitive seed information that could be used to crack keys...

CVE-2006-0353

unixrandom.c in lshd for lsh 2.0.1 leaks file descriptors related to the randomness generator, which allows local users to cause a denial of service by truncating the seed file, which prevents the server from starting, or obtain sensitive seed information that could be used to crack keys...

CVE-2006-0353

CVE-2006-0353 affects lsh 2.0.1’s lshd, which leaks file descriptors related to the randomness generator. A local attacker can truncate the seed file, potentially preventing lshd from starting or enabling seed/key disclosure. Debian’s DSA-956-1 and related advisories describe a local vulnerabilit...