Описание
SSLeay.pm in libnet-ssleay-perl before 1.25 uses the /tmp/entropy file for entropy if a source is not set in the EGD_PATH variable, which allows local users to reduce the cryptographic strength of certain operations by modifying the file.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.25-2build1 |
| devel | released | 1.25-2build1 |
| edgy | released | 1.25-2build1 |
| feisty | released | 1.25-2build1 |
| upstream | needs-triage |
Показывать по
EPSS
4.6 Medium
CVSS2
Связанные уязвимости
SSLeay.pm in libnet-ssleay-perl before 1.25 uses the /tmp/entropy file for entropy if a source is not set in the EGD_PATH variable, which allows local users to reduce the cryptographic strength of certain operations by modifying the file.
SSLeay.pm in libnet-ssleay-perl before 1.25 uses the /tmp/entropy file ...
SSLeay.pm in libnet-ssleay-perl before 1.25 uses the /tmp/entropy file for entropy if a source is not set in the EGD_PATH variable, which allows local users to reduce the cryptographic strength of certain operations by modifying the file.
EPSS
4.6 Medium
CVSS2