CVE-2005-0106

Publication date 3 May 2005

Last updated 17 July 2025

Ubuntu priority

Description

SSLeay.pm in libnet-ssleay-perl before 1.25 uses the /tmp/entropy file for entropy if a source is not set in the EGD_PATH variable, which allows local users to reduce the cryptographic strength of certain operations by modifying the file.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
libnet-ssleay-perl	7.04 feisty	Fixed 1.25-2build1
	6.10 edgy	Fixed 1.25-2build1
	6.06 LTS dapper	Fixed 1.25-2build1

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-113-1
libnet-ssleay-perl vulnerability
3 May 2005

Other references

https://www.cve.org/CVERecord?id=CVE-2005-0106