|
|
CVE Reference: CVE-2006-6614 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-6614 |
|
|
Description: The save_log_local function in Fully Automatic Installation (FAI) 2.10.1, and possibly 3.1.2, when verbose mode is enabled, stores the root password hash in /var/log/fai/current/fai.log, whose file permissions allow it to be copied to other hosts when fai-savelog is called and allows attackers to obtain the hash. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/30892 SAID Secunia Advisory: SA23330 MISC http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=402644 BID 21579 |
|
| Return to the previous page. |
