Lucene search
Veracode Vulnerability DatabaseVERACODE:39445HistoryFeb 27, 2023 - 4:10 p.m.
Information Disclosure
2023-02-2716:10:09
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
accountsservice
information disclosure
user.c
encrypted passwords
0.0004 Low
EPSS
Percentile
5.1%
accountsservice is vulnerable to Information Disclosure. The vulnerability exists in the user_change_password_authorized_cb() function of user.c, which could let local users obtain encrypted passwords.
| CPE | Name | Operator | Version |
|---|---|---|---|
| accountsservice:sid | eq | 0.6.55-3 | |
| accountsservice:sid | eq | 0.6.55-3 |
References
www.openwall.com/lists/oss-security/2014/08/16/7
www.securityfocus.com/bid/69245
bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-6655
bugzilla.suse.com/show_bug.cgi?id=CVE-2012-6655
exchange.xforce.ibmcloud.com/vulnerabilities/95325
security-tracker.debian.org/tracker/CVE-2012-6655
security-tracker.debian.org/tracker/CVE-2012-6655
Related
nessus
nessus
Ubuntu 20.04 LTS / 22.04 LTS : AccountsService vulnerability (USN-6687-1)
2024-03-11 00:00:00
RHEL 7 : accountsservice (Unpatched Vulnerability)
2024-06-03 00:00:00
cvelist
cvelist
CVE-2012-6655
2019-11-27 17:13:02
openvas
openvas
Ubuntu: Security Advisory (USN-6687-1)
2024-03-12 00:00:00
prion
prion
Code injection
2019-11-27 18:15:00
ubuntu
ubuntu
AccountsService vulnerability
2024-03-11 00:00:00
ubuntucve
ubuntucve
CVE-2012-6655
2019-11-27 00:00:00
nvd
nvd
CVE-2012-6655
2019-11-27 18:15:11
cve
cve
CVE-2012-6655
2019-11-27 18:15:11
osv
osv
accountsservice vulnerability
2024-03-11 12:34:46
debiancve
debiancve
CVE-2012-6655
2019-11-27 18:15:11