CVE-2008-5103

CVE-2008-5103 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

The (1) python-vm-builder and (2) ubuntu-vm-builder implementations in VMBuilder 0.9 in Ubuntu 8.10 omit the -e option when invoking chpasswd with a root:! argument, which configures the root account with a cleartext password of ! (exclamation point) and allows attackers to bypass intended login restrictions.

Learn more about our Cis Benchmark Audit For Ubuntu Linux.