CVE-2011-0724
Summary
| CVE | CVE-2011-0724 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2011-02-19 01:00:00 UTC |
| Updated | 2017-08-17 01:33:00 UTC |
| Description | The Live DVD for Edubuntu 9.10, 10.04 LTS, and 10.10 does not correctly regenerate iTALC private keys after installation, which causes each installation to have the same fixed key, which allows remote attackers to gain privileges. |
Risk And Classification
Problem Types: CWE-310
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Ubuntu | Edubuntu | 10.04 | All | lts | All |
| Operating System | Ubuntu | Edubuntu | 10.10 | All | All | All |
| Operating System | Ubuntu | Edubuntu | 9.10 | All | All | All |
| Operating System | Ubuntu | Edubuntu | 10.04 | All | lts | All |
| Operating System | Ubuntu | Edubuntu | 10.10 | All | All | All |
| Operating System | Ubuntu | Edubuntu | 9.10 | All | All | All |
| Hardware | Ubuntu | Live Dvd | All | All | All | All |
| Hardware | Ubuntu | Live Dvd | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Ubuntu iTALC Private Keys Security Bypass Vulnerability | BID | www.securityfocus.com | |
| USN-1061-1: iTALC vulnerability | Ubuntu | UBUNTU | www.ubuntu.com | Vendor Advisory |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | Vendor Advisory |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.