CVE-2006-1183

Name of the Vulnerable Software and Affected Versions Ubuntu version 5.10

Description The issue concerns the Ubuntu 5.10 installer, which fails to properly clear passwords from the installer log file, specifically questions.dat. This file is left with world-readable permissions, allowing local users to potentially gain privileges.

Recommendations For Ubuntu version 5.10, consider restricting access to the questions.dat log file to prevent unauthorized users from reading its contents. As a temporary workaround, manually remove or secure the questions.dat file after installation to minimize the risk of exploitation.