passwd before 1:4.0.13 on Ubuntu 6.06 LTS leaves the root password blank instead of locking it when the administrator selects the "Go Back" option after the final "Installation complete" message and uses the main menu, which causes the password to be zeroed out in the installer's memory.
References
Link | Resource |
---|---|
http://secunia.com/advisories/21022 | Patch Vendor Advisory |
http://www.osvdb.org/27091 | |
http://www.ubuntu.com/usn/usn-316-1 | Exploit Patch |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2006-07-14T20:00:00
Updated: 2006-07-26T09:00:00
Reserved: 2006-07-14T00:00:00
Link: CVE-2006-3597
JSON object: View
NVD Information
Status : Analyzed
Published: 2006-07-18T15:37:00.000
Modified: 2008-09-05T21:07:34.090
Link: CVE-2006-3597
JSON object: View
Redhat Information
No data.
CWE