File Descriptor Leak in lshd Impacts Local Security for LSH 2.0.1
CVE-2006-0353

Currently unrated

Key Information:

Vendor
Gnu
Status
Vendor
CVE Published:
22 January 2006

Summary

In lsh 2.0.1, the unix_random.c file in lshd leaks file descriptors associated with the randomness generator. This flaw can be exploited by local users to truncate the seed file, ultimately preventing the server from starting or allowing unauthorized access to sensitive seed information. Such leakage can facilitate cryptographic attacks, potentially compromising key integrity.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.