Lucene search

K
ubuntucveUbuntu.comUB:CVE-2005-0106
HistoryMay 03, 2005 - 12:00 a.m.

CVE-2005-0106

2005-05-0300:00:00
ubuntu.com
ubuntu.com
13

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

EPSS

0

Percentile

5.1%

SSLeay.pm in libnet-ssleay-perl before 1.25 uses the /tmp/entropy file for
entropy if a source is not set in the EGD_PATH variable, which allows local
users to reduce the cryptographic strength of certain operations by
modifying the file.

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchlibnet-ssleay-perl< 1.25-2build1UNKNOWN
ubuntu6.10noarchlibnet-ssleay-perl< 1.25-2build1UNKNOWN
ubuntu7.04noarchlibnet-ssleay-perl< 1.25-2build1UNKNOWN

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

EPSS

0

Percentile

5.1%