Star 'Root' Password Readable in Clear Text on Ubuntu Breezy
Linked by Thom Holwerda on Sun 12th Mar 2006 20:46 UTC, submitted by lotusleaf
Ubuntu, Kubuntu, Xubuntu A major, critical bug and possible security threat has been discovered in Ubuntu Breezy. Apparently, the 'root' password (not actually the root password because Ubuntu uses sudo) gets written into the installer's log files in clear text, and can be read by any account on the Ubuntu machine. The bug was first discovered and reproduced on the Ubuntu forums. The bug does not seem to affect Dapper, however, users upgrading from Breezy to Dapper might still be at risk because the log files are not modified. Update: Bug is fixed. Please upgrade.
E-mail Print r 4   156 Comment(s) http://osne.ws/arj
Thread beginning with comment 103815
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: Now I'm LMFAO at you guys
by smittal on Sun 12th Mar 2006 22:54 UTC in reply to "Now I'm LMFAO at you guys "
smittal
Member since:
2006-02-03

How, exactly? If there was a root account, you would have to set the password for it at some point, and presumably that would have been logged as well.

Reply Parent Bookmark Score: 2