accountsservice is vulnerable to Information Disclosure. The vulnerability exists in the user_change_password_authorized_cb()
function of user.c
, which could let local users obtain encrypted passwords.
CPE | Name | Operator | Version |
---|---|---|---|
accountsservice:sid | eq | 0.6.55-3 | |
accountsservice:sid | eq | 0.6.55-3 |
www.openwall.com/lists/oss-security/2014/08/16/7
www.securityfocus.com/bid/69245
bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-6655
bugzilla.suse.com/show_bug.cgi?id=CVE-2012-6655
exchange.xforce.ibmcloud.com/vulnerabilities/95325
security-tracker.debian.org/tracker/CVE-2012-6655
security-tracker.debian.org/tracker/CVE-2012-6655