Vulnerabilities (CVE)

Filtered by vendor Thomas Lange Subscribe
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-6614 2 Debian, Thomas Lange 2 Debian Linux, Fully Automated Installation 2024-11-21 1.9 LOW N/A
The save_log_local function in Fully Automatic Installation (FAI) 2.10.1, and possibly 3.1.2, when verbose mode is enabled, stores the root password hash in /var/log/fai/current/fai.log, whose file permissions allow it to be copied to other hosts when fai-savelog is called and allows attackers to obtain the hash.