CVE-2012-6655

NameCVE-2012-6655
DescriptionAn issue exists AccountService 0.6.37 in the user_change_password_authorized_cb() function in user.c which could let a local users obtain encrypted passwords.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs757912

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
accountsservice (PTS)buster0.6.45-2vulnerable
bullseye0.6.55-3vulnerable
bookworm22.08.8-6fixed
sid, trixie23.13.9-6fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
accountsservicesource(unstable)22.08.8-4low757912

Notes

[bullseye] - accountsservice <ignored> (Minor issue)
[buster] - accountsservice <ignored> (Minor issue)
[stretch] - accountsservice <ignored> (Minor issue)
[jessie] - accountsservice <ignored> (Minor issue)
[wheezy] - accountsservice <ignored> (Minor issue)
https://bugs.freedesktop.org/show_bug.cgi?id=55000

Search for package or bug name: Reporting problems