Test ID:	1.3.6.1.4.1.25623.1.1.12.2005.113.1
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-113-1)
Summary:	The remote host is missing an update for the 'libnet-ssleay-perl' package(s) announced via the USN-113-1 advisory.
Description:	Summary: The remote host is missing an update for the 'libnet-ssleay-perl' package(s) announced via the USN-113-1 advisory. Vulnerability Insight: Javier Fernandez-Sanguino Pena discovered that this library used the file /tmp/entropy as a fallback entropy source if a proper source was not set in the environment variable EGD_PATH. This can potentially lead to weakened cryptographic operations if an attacker provides a /tmp/entropy file with known content. The updated package requires the specification of an entropy source with EGD_PATH and also requires that the source is a socket (as opposed to a normal file). Please note that this only affects systems which have egd installed from third party sources, egd is not shipped with Ubuntu. Affected Software/OS: 'libnet-ssleay-perl' package(s) on Ubuntu 5.04. Solution: Please install the updated package(s). CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0106 BugTraq ID: 13471 http://www.securityfocus.com/bid/13471 http://www.mandriva.com/security/advisories?name=MDKSA-2006:023 http://secunia.com/advisories/18639 https://usn.ubuntu.com/113-1/
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.