Computer Security
[EN] securityvulns.ru no-pyccku


Weak Net::SSLeay perl module encryption
Published:27.01.2006
Source:
SecurityVulns ID:5703
Type:local
Threat Level:
5/10
Description:/tmp/entropy file is used for entropy gathering if no entropy source is specified with EGD_PATH envoronment variable. Attacker can fille file with known data.
Affected:PERL : Net::SSLeay 1.25
Original documentdocumentMANDRIVA, [Full-disclosure] [ MDKSA-2006:023 ] - Updated perl-Net_SSLeay packages fix vulnerability (27.01.2006)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod