CVE-2008-5188
Published: 21 November 2008
The (1) ecryptfs-setup-private, (2) ecryptfs-setup-confidential, and (3) ecryptfs-setup-pam-wrapped.sh scripts in ecryptfs-utils 45 through 61 in eCryptfs place cleartext passwords on command lines, which allows local users to obtain sensitive information by listing the process.
Notes
Author | Note |
---|---|
jdstrand | affected code introduced during Ubuntu 8.10 develop cycle |
Priority
Status
Package | Release | Status |
---|---|---|
ecryptfs-utils Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
gutsy |
Not vulnerable
|
|
hardy |
Not vulnerable
|
|
intrepid |
Not vulnerable
(53-1ubuntu11)
|
|
upstream |
Released
(53-1ubuntu11)
|