Lucene search

[email protected]CVE-2008-5104

HistoryNov 17, 2008 - 6:18 p.m.

CVE-2008-5104

2008-11-1718:18:48

CWE-255

[email protected]

web.nvd.nist.gov

cve-2008-5104

ubuntu

virtual machine

default root password

bypass

security vulnerability

6.5 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

45.3%

JSON

Ubuntu 6.06 LTS, 7.10, 8.04 LTS, and 8.10, when installed as a virtual machine by (1) python-vm-builder or (2) ubuntu-vm-builder in VMBuilder 0.9 in Ubuntu 8.10, have ! (exclamation point) as the default root password, which allows attackers to bypass intended login restrictions.

Affected configurations

NVD

Node

dcgrendelvmbuilderMatch0.9

AND

ubuntuubuntu_linuxMatch6.06_nil_lts

ubuntuubuntu_linuxMatch7.10

ubuntuubuntu_linuxMatch8.04_nil_lts

ubuntuubuntu_linuxMatch8.10

CPENameOperatorVersion
dcgrendel:vmbuilderdcgrendel vmbuildereq0.9

CPE	Name	Operator	Version
dcgrendel:vmbuilder	dcgrendel vmbuilder	eq	0.9

References

launchpadlibrarian.net/19619929/vm-builder_0.9-0ubuntu3.1.debdiff

secunia.com/advisories/32697

www.securityfocus.com/bid/32292

www.ubuntu.com/usn/usn-670-1

bugs.launchpad.net/ubuntu/+source/vm-builder/+bug/296841

exchange.xforce.ibmcloud.com/vulnerabilities/46881

6.5 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

45.3%

JSON

Related for CVE-2008-5104

prion1 cvelist1 nvd1 ubuntucve1 openvas1 nessus1