CVE-2006-3597

Exploit

EPSS 0.06%
Published 18.07.2006 15:37:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

passwd before 1:4.0.13 on Ubuntu 6.06 LTS leaves the root password blank instead of locking it when the administrator selects the "Go Back" option after the final "Installation complete" message and uses the main menu, which causes the password to be zeroed out in the installer's memory.

Affected products Warnungen 0 Metrics 2 CWE 0 References 6

Data is provided by the National Vulnerability Database (NVD)

Ubuntu ≫ Ubuntu Linux Version6.06_lts

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.06%	0.144

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

http://secunia.com/advisories/21022

Patch

Vendor Advisory

http://www.osvdb.org/27091

http://www.ubuntu.com/usn/usn-316-1

Patch

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2006-3597

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-3597

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-3597

EUVD