CVE-2006-0353

Currently unrated

Key Information:

Vendor: Gnu
Status: Lsh
Vendor: CVE Published:; 22 January 2006

Summary

unix_random.c in lshd for lsh 2.0.1 leaks file descriptors related to the randomness generator, which allows local users to cause a denial of service by truncating the seed file, which prevents the server from starting, or obtain sensitive seed information that could be used to crack keys.

References

http://www.securityfocus.com/bid/16357

vdb-entryx_refsource_BID

http://lists.lysator.liu.se/pipermail/lsh-bugs/2006q1/000...

mailing-listx_refsource_MLIST

http://secunia.com/advisories/18623

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Jan 22, 2006
Vulnerability Reserved
Jan 22, 2006