PublicDate: 2008-09-03 14:12:00 UTC
Candidate: CVE-2008-3896
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3896
Description:
 Grub Legacy 0.97 and earlier stores pre-boot authentication passwords in
 the BIOS Keyboard buffer and does not clear this buffer before and after
 use, which allows local users to obtain sensitive information by reading
 the physical memory locations associated with this buffer.
Ubuntu-Description:
Notes:
 jdstrand> requires root access to the machine, which gives access to do
  anything anyway (unless restricting root access via SELinux, which Ubuntu
  does not)
 mdeslaur> let's ignore this
Bugs:
Priority: negligible
Discovered-by:
Assigned-to:
CVSS: 

Patches_grub:
upstream_grub: needs-triage
dapper_grub: ignored
feisty_grub: needed (reached end-of-life)
gutsy_grub: needed (reached end-of-life)
hardy_grub: ignored
intrepid_grub: ignored
jaunty_grub: ignored
karmic_grub: ignored
devel_grub: ignored