CVE-2002-0872 Information

Description

l2tpd 0.67 does not initialize the random number generator which allows remote attackers to hijack sessions.

Reference

http://www.debian.org/security/2002/dsa-152 http://www.iss.net/security_center/static/9845.php http://www.securityfocus.com/bid/5451