The Ubuntu installer contains a flaw that may lead to unauthorized password exposure. The installer log files fail to sanitize passwords used during the installation and are world-readable, so any local user can read the password of the first user account, which has full sudo privileges by default. This results in a loss of confidentiality.
Classification
Location: Local Access Required
Attack Type: Cryptographic, Information Disclosure
Impact: Loss of Confidentiality
Exploit: Exploit Public, Exploit Commercial
Disclosure: OSVDB Verified
Solution
Upgrade package base-config to version 2.67ubuntu20 and passwd to version 1:4.0.3-37ubuntu8 or higher, as these have been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.