Filtered by vendor Thomas Lange
Subscribe
Filtered by product Fully Automated Installation
Subscribe
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2006-6614 | 2 Debian, Thomas Lange | 2 Debian Linux, Fully Automated Installation | 2017-07-28 | 1.9 LOW | N/A |
The save_log_local function in Fully Automatic Installation (FAI) 2.10.1, and possibly 3.1.2, when verbose mode is enabled, stores the root password hash in /var/log/fai/current/fai.log, whose file permissions allow it to be copied to other hosts when fai-savelog is called and allows attackers to obtain the hash. |