CVE-2006-1376
Description
Debian GNU/Linux 3.1r1 network install CD creates a world-writable log file, allowing local users to cause disk consumption denial of service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Debian GNU/Linux 3.1r1 network install CD creates a world-writable log file, allowing local users to cause disk consumption denial of service.
Vulnerability
The installation process of Debian GNU/Linux 3.1r1 from the network install CD creates /var/log/debian-installer/cdebconf with world writable permissions. This affects the default installation of Debian 3.1r1 [1].
Exploitation
A local user with access to the system can write arbitrary data to the world-writable file /var/log/debian-installer/cdebconf, consuming available disk space. No authentication or special privileges beyond local shell access are required.
Impact
Successful exploitation leads to denial of service by exhausting disk space, potentially causing system instability or preventing normal operations.
Mitigation
No official fix is disclosed in the available references [1]. Administrators can manually restrict permissions on /var/log/debian-installer/cdebconf after installation (e.g., chmod 640 /var/log/debian-installer/cdebconf) or upgrade to a later Debian release that addresses the issue.
AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- cpe:2.3:o:debian:debian_linux:3.1:r1:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3News mentions
0No linked articles in our index yet.