CVE-2006-1376 — Linux vulnerability

5 documents5 sources

Severity

2.1LOWNVD

EPSS

0.0%

top 85.48%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Shadow Project Shadow Debian Linux

Timeline

PublishedMar 24

Latest updateMay 1

Description

The installation of Debian GNU/Linux 3.1r1 from the network install CD creates /var/log/debian-installer/cdebconf with world writable permissions, which allows local users to cause a denial of service (disk consumption).

CVSS vector

AV:L/AC:L/C:N/I:N/A:PExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

▶Debianshadow_project/shadow< 1:4.0.14-9+3

Also affects: Debian Linux 3.1

🔴Vulnerability Details

GHSA

GHSA-wf55-rg6h-r62x: The installation of Debian GNU/Linux 3↗2022-05-01

▶

CVEList

CVE-2006-1376: The installation of Debian GNU/Linux 3↗2006-03-24

▶

OSV

CVE-2006-1376: The installation of Debian GNU/Linux 3↗2006-03-24

▶

📋Vendor Advisories

Debian

CVE-2006-1376: shadow - The installation of Debian GNU/Linux 3.1r1 from the network install CD creates /...↗2006

▶