I'm not trying to bash, but this isn't a vulnerability that's just "fixed".
There are thousands of ubuntu installs that now have root passwords in their installerlogs. For a "grandma" user, which most people point toward ubuntu nowadays, they're clueless about it, and now their boxes are setup to be screwed over just any shell exploit. --Jay On 3/13/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > On Mon, Mar 13, 2006 at 07:04:06AM -0500, Magnus wrote: > > The root password from the first user registred by Breezy can be found by > > any user by reading the file /var/log/installer/cdebconf/questions.dat > > Pretty ugly. And of course, fixed [0]. > > [0] http://www.ubuntu.com/usn/usn-262-1 -- Jason Faulkner ------------------------ OldOs.org Owner/Admin // OpenDocument Fellowship Sysadmin
-- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
