CVE-2009-4128

Name of the Vulnerable Software and Affected Versions GNU GRand Unified Bootloader (GRUB) 2 version 1.97

Description The issue allows physically proximate attackers to conduct brute force attacks and bypass authentication by submitting a password whose length is 1, as the software only compares the submitted portion of a password with the actual password.

Recommendations For GNU GRand Unified Bootloader (GRUB) 2 version 1.97, consider using a different authentication mechanism or increasing the minimum password length to mitigate the risk of brute force attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.