|
|
Log in / Subscribe / Register

heat-jeos: improper handling of passwords

Package(s):heat-jeos CVE #(s):CVE-2013-2069
Created:August 6, 2013 Updated:September 30, 2013
Description: From the Red Hat bugzilla:

It was discovered that when used to create images, livecd-tools gave the root user an empty password rather than leaving the password locked in situations where no 'rootpw' directive was used or when the 'rootpw --lock' directive was used within the Kickstart file, which could allow local users to gain access to the root account.

Alerts:
Fedora FEDORA-2013-13131 livecd-tools 2013-09-30
Fedora FEDORA-2013-9715 heat-jeos 2013-08-06
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds