Root’ Password Readable in Clear Text on Ubuntu Breezy

A major, critical bug and possible security threat has been discovered in Ubuntu Breezy.

Apparently, the ‘root’ password (not actually the root password because Ubuntu uses sudo) gets written into the installer’s log files in clear text, and can be read by any account on the Ubuntu machine. The bug was first discovered and reproduced on the Ubuntu forums.

The bug does not seem to affect Dapper, however, users upgrading from Breezy to Dapper might still be at risk because the log files are not modified.

The bug has been fixed and and upgrade is necessary to correct this problem.

March 14, 2006 at 1:44 am · Filed under




Related posts

  • Cryzip Trojan Encrypts Files, Demands Ransom
  • Users’ Web Password Practices Pitiful
  • Apple: Finding the Root of the Problem
  • Video Guide: Securing Your Wireless Network
  • Mac OS X hacked under 30 minutes


    • Leave a Comment

    Technorati tags: , ,