Activity log for bug #401503

| Date | Who | What changed | Old value | New value | Message |
|---|---|---|---|---|---|
| 2009-07-19 21:34:43 | Michael Gilbert | bug | | | added bug |
| 2009-07-19 21:36:18 | Michael Gilbert | bug task added | | sysvinit (Debian) | |
| 2009-07-19 21:36:49 | Michael Gilbert | description | hello, there is a method [1] that is described as a means to recover a forgotten password, but it also allows enables malicious local users to gain root access. this is very bad indeed. also see debian bug report [2], which hasn't seen much activity for quite some time. however, this is because the conditions for exploitation, in particular not setting a password for the rot account, are non-default on debian. these conditions are the default on ubuntu, which makes this so bad. this vulnerability has been present since at least dapper (and probably since warty); whichever version first introduced no-root. [1] http://linuxwave.blogspot.com/2008/09/ubuntu-forgotten-password.html [2] http://bugs.debian.org/517018 | hello, there is a method [1] that is described as a means to recover a forgotten password, but it also enables malicious local users to gain root access. this is very bad indeed. also see debian bug report [2], which hasn't seen much activity for quite some time. however, this is because the conditions for exploitation, in particular not setting a password for the root account, are non-default on debian. these conditions are the default on ubuntu, which makes this so bad. this vulnerability has been present since at least dapper (and probably since warty); whichever version first introduced no-root. [1] http://linuxwave.blogspot.com/2008/09/ubuntu-forgotten-password.html [2] http://bugs.debian.org/517018 | |
| 2009-07-20 10:51:06 | Scott James Remnant (Canonical) | visibility | private | public | |
| 2009-07-20 10:51:06 | Scott James Remnant (Canonical) | security vulnerability | yes | no | |
| 2009-07-20 10:57:15 | Scott James Remnant (Canonical) | upstart: status | New | Won't Fix | |
| 2010-05-10 22:29:30 | Scott James Remnant (Canonical) | removed subscriber Scott James Remnant | | | |