CVE-2006-1844 Information

Description

The Debian installer for the (1) shadow 4.0.14 and (2) base-config 2.53.10 packages includes sensitive information in world-readable log files including preseeded passwords and pppoeconf passwords which might allow local users to gain privileges.

Reference

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=356939 http://secunia.com/advisories/19170 http://www.osvdb.org/23922