CVE-2006-1183

Published Mar 13, 2006

Last updated 12 days ago

CVSS info 7.2

Overview

Description
The Ubuntu 5.10 installer does not properly clear passwords from the installer log file (questions.dat), and leaves the log file with world-readable permissions, which allows local users to gain privileges.
Source
cve@mitre.org
NVD status
Modified
Products
ubuntu_linux

Risk scores

CVSS 2.0

Type
Primary
Base score
7.2
Impact score
10
Exploitability score
3.9
Vector string
AV:L/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov
NVD-CWE-Other

Social media

Hype score
Not currently trending

Configurations

Related CVEs

  1. Sudo Inclusion of Functionality from Untrusted Control Sphere VulnerabilityCVE-2025-32463
  2. Race condition in Canonical apport up to and including 2.32.0 allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces. When handling a crash, the function `_check_global_pid_and_forward`, which detects if the crashing process resided in a container, was being called before `consistency_checks`, which attempts to detect if the crashing process had been replaced. Because of this, if a process crashed and was quickly replaced with a containerized one, apport could be made to forward the core dump to the container, potentially leaking sensitive information. `consistency_checks` is now being called before `_check_global_pid_and_forward`. Additionally, given that the PID-reuse race condition cannot be reliably detected from userspace alone, crashes are only forwarded to containers if the kernel provided a pidfd, or if the crashing process was unprivileged (i.e., if dump mode == 1).CVE-2025-5054
  3. In Ubuntu, gnome-control-center did not properly reflect SSH remote login status when the system was configured to use systemd socket activation for openssh-server. This could unknowingly leave the local machine exposed to remote SSH access contrary to expectation of the user.CVE-2023-5616
  4. A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack.CVE-2025-26466
  5. Ubuntu's configuration of gnome-control-center allowed Remote Desktop Sharing to be enabled by default.CVE-2022-1736

References

Sources include official advisories and independent security research.