Vulnerability Description
Ubuntu 6.06 LTS, 7.10, 8.04 LTS, and 8.10, when installed as a virtual machine by (1) python-vm-builder or (2) ubuntu-vm-builder in VMBuilder 0.9 in Ubuntu 8.10, have ! (exclamation point) as the default root password, which allows attackers to bypass intended login restrictions.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dcgrendel | Vmbuilder | 0.9 |
| Ubuntu | Ubuntu Linux | 6.06 |
Related Weaknesses (CWE)
References
- http://launchpadlibrarian.net/19619929/vm-builder_0.9-0ubuntu3.1.debdiffExploit
- http://secunia.com/advisories/32697Patch
- http://www.securityfocus.com/bid/32292Patch
- http://www.ubuntu.com/usn/usn-670-1Vendor Advisory
- https://bugs.launchpad.net/ubuntu/+source/vm-builder/+bug/296841
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46881
- http://launchpadlibrarian.net/19619929/vm-builder_0.9-0ubuntu3.1.debdiffExploit
- http://secunia.com/advisories/32697Patch
- http://www.securityfocus.com/bid/32292Patch
- http://www.ubuntu.com/usn/usn-670-1Vendor Advisory
- https://bugs.launchpad.net/ubuntu/+source/vm-builder/+bug/296841
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46881
FAQ
What is CVE-2008-5104?
CVE-2008-5104 is a vulnerability with a CVSS score of 7.2 (HIGH). Ubuntu 6.06 LTS, 7.10, 8.04 LTS, and 8.10, when installed as a virtual machine by (1) python-vm-builder or (2) ubuntu-vm-builder in VMBuilder 0.9 in Ubuntu 8.10, have ! (exclamation point) as the defa...
How severe is CVE-2008-5104?
CVE-2008-5104 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-5104?
Check the references section above for vendor advisories and patch information. Affected products include: Dcgrendel Vmbuilder, Ubuntu Ubuntu Linux.