Password Authentication Bypass in GNU GRUB 2 by Free Software Foundation
CVE-2009-4128
Currently unrated
Summary
The GNU GRand Unified Bootloader (GRUB) 2 version 1.97 has a vulnerability that allows attackers with physical access to bypass authentication mechanisms. By comparing only a submitted portion of a password with the actual password, attackers can exploit this weakness through simple brute force attempts. This enables unauthorized access to the system by submitting a password whose length is just one character, potentially compromising system integrity.
References
Timeline
Vulnerability published
Vulnerability Reserved