lsh-utils: local file descriptor leak
| Package(s): | lsh-utils | CVE #(s): | CVE-2006-0353 | ||||
| Created: | January 26, 2006 | Updated: | February 1, 2006 | ||||
| Description: | The lshd SSH2 protocol server has a file descriptor leak. User shells started by lshd can access randomness generator file descriptors, allowing the server seed file to be truncated. A denial of service is possible, and session keys may become vulnerable to cracking. | ||||||
| Alerts: |
| ||||||