RSS   Vulnerabilities for 'Vmbuilder'   RSS

2008-11-17
 
CVE-2008-5104

CWE-255
 

 
Ubuntu 6.06 LTS, 7.10, 8.04 LTS, and 8.10, when installed as a virtual machine by (1) python-vm-builder or (2) ubuntu-vm-builder in VMBuilder 0.9 in Ubuntu 8.10, have ! (exclamation point) as the default root password, which allows attackers to bypass intended login restrictions.

 
 
CVE-2008-5103

CWE-255
 

 
The (1) python-vm-builder and (2) ubuntu-vm-builder implementations in VMBuilder 0.9 in Ubuntu 8.10 omit the -e option when invoking chpasswd with a root:! argument, which configures the root account with a cleartext password of ! (exclamation point) and allows attackers to bypass intended login restrictions.

 


Copyright 2024, cxsecurity.com

 

Back to Top