Unrated severityNVD Advisory· Published Nov 17, 2008· Updated Jun 16, 2026
CVE-2008-5103
CVE-2008-5103
Description
The (1) python-vm-builder and (2) ubuntu-vm-builder implementations in VMBuilder 0.9 in Ubuntu 8.10 omit the -e option when invoking chpasswd with a root:! argument, which configures the root account with a cleartext password of ! (exclamation point) and allows attackers to bypass intended login restrictions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- Range: <0.9-0ubuntu3.1
- Range: <0.9-0ubuntu3.1
Patches
Vulnerability mechanics
References
7- secunia.com/advisories/32697nvdPatchVendor Advisory
- www.securityfocus.com/bid/32292nvdPatch
- launchpadlibrarian.net/19619929/vm-builder_0.9-0ubuntu3.1.debdiffnvdExploit
- www.ubuntu.com/usn/usn-670-1nvdVendor Advisory
- osvdb.org/49996nvd
- bugs.launchpad.net/ubuntu/+source/vm-builder/+bug/296841nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/46603nvd
News mentions
0No linked articles in our index yet.