CVE-2011-0724

critical

Description

The Live DVD for Edubuntu 9.10, 10.04 LTS, and 10.10 does not correctly regenerate iTALC private keys after installation, which causes each installation to have the same fixed key, which allows remote attackers to gain privileges.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/65389

http://www.vupen.com/english/advisories/2011/0378

http://www.ubuntu.com/usn/USN-1061-1

http://www.securityfocus.com/bid/46346

Details

Source: Mitre, NVD

Published: 2011-02-19

Updated: 2017-08-17

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical