Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3597

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2006-3597
Last Modified 05 Sep 2008 05:07:34
Published 18 Jul 2006 11:37:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-3597

Summary

passwd before 1:4.0.13 on Ubuntu 6.06 LTS leaves the root password blank instead of locking it when the administrator selects the "Go Back" option after the final "Installation complete" message and uses the main menu, which causes the password to be zeroed out in the installer's memory.

Vulnerable Systems

Operating System

  • Ubuntu Linux 6.06 Lts


References

UBUNTU - USN-316-1

SECUNIA - 21022

OSVDB - 27091


Last Updated: 27 May 2016 10:43:04