File Descriptor Leak in lshd Impacts Local Security for LSH 2.0.1
CVE-2006-0353
Currently unrated
Summary
In lsh 2.0.1, the unix_random.c file in lshd leaks file descriptors associated with the randomness generator. This flaw can be exploited by local users to truncate the seed file, ultimately preventing the server from starting or allowing unauthorized access to sensitive seed information. Such leakage can facilitate cryptographic attacks, potentially compromising key integrity.
References
Timeline
Vulnerability published
Vulnerability Reserved