CVE-2006-1844
published 2006-04-19CVE-2006-1844: The Debian installer for the (1) shadow 4.0.14 and (2) base-config 2.53.10 packages includes sensitive information in world-readable log files, including…
low2.1CVSS 3.1
AVLACLAuNCPINAN
The Debian installer for the (1) shadow 4.0.14 and (2) base-config 2.53.10 packages includes sensitive information in world-readable log files, including preseeded passwords and pppoeconf passwords, which might allow local users to gain privileges.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | base-config | — | — |
| debian | shadow | < shadow 1:4.0.14-9 (bookworm) | shadow 1:4.0.14-9 (bookworm) |
| debian | shadow | — | — |
| shadow_project | shadow | >= 0 < 1:4.0.14-9 | 1:4.0.14-9 |
| shadow_project | shadow | >= 0 < 1:4.0.14-9 | 1:4.0.14-9 |
| shadow_project | shadow | >= 0 < 1:4.0.14-9 | 1:4.0.14-9 |
| shadow_project | shadow | >= 0 < 1:4.0.14-9 | 1:4.0.14-9 |
CVSS provenance
nvd2.1LOWAV:L/AC:L/Au:N/C:P/I:N/A:N
osv2.1LOW