Password Handling Flaw in Ubuntu's passwd Utility
CVE-2006-3597

Currently unrated

Key Information:

Vendor

Ubuntu

Status
Ubuntu Linux
Vendor
CVE Published:
18 July 2006

What is CVE-2006-3597?

A vulnerability exists in the passwd utility prior to version 1:4.0.13 on Ubuntu 6.06 LTS that compromises the root password management. When the administrator opts to 'Go Back' post-installation, instead of securing the root account, the software inadvertently sets the root password to blank. This oversight leaves the system vulnerable as the password is zeroed out in the installer’s memory, allowing unauthorized access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.ubuntu.com/usn/usn-316-1
vendor-advisoryx_refsource_UBUNTU
http://www.osvdb.org/27091
vdb-entryx_refsource_OSVDB
http://secunia.com/advisories/21022
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.