CVE-2006-1183

Ubuntu 5.10 - Info Disclosure

Title source: llm

Description

The Ubuntu 5.10 installer does not properly clear passwords from the installer log file (questions.dat), and leaves the log file with world-readable permissions, which allows local users to gain privileges.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Kristian Hermansen · perllocallinux

https://www.exploit-db.com/exploits/1579

View Code ZIP pw:eip

References (8)

[Vendor Advisory] https://usn.ubuntu.com/262-1/

[Exploit] https://launchpad.net/distros/ubuntu/+source/shadow/+bug/34606

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/17086

[Third Party Advisory, VDB Entry] http://www.osvdb.org/23868

[Third Party Advisory] http://www.vupen.com/english/advisories/2006/0927

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/25170

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1015761

[Third Party Advisory] http://secunia.com/advisories/19200

Scores

EPSS 0.0010

EPSS Percentile 26.6%

Details

Status published

Products (1)

ubuntu/ubuntu_linux 5.10

Published Mar 13, 2006

Tracked Since Feb 18, 2026