CVE-2005-0106 Information

Description

SSLeay.pm in libnet-ssleay-perl before 1.25 uses the /tmp/entropy file for entropy if a source is not set in the EGD_PATH variable which allows local users to reduce the cryptographic strength of certain operations by modifying the file.

Reference

http://secunia.com/advisories/18639 http://www.mandriva.com/security/advisories?name=MDKSA-2006:023 http://www.securityfocus.com/bid/13471 https://usn.ubuntu.com/113-1/