Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2011-0724

Published: 10 February 2011

The Live DVD for Edubuntu 9.10, 10.04 LTS, and 10.10 does not correctly regenerate iTALC private keys after installation, which causes each installation to have the same fixed key, which allows remote attackers to gain privileges.

From the Ubuntu Security Team

Stéphane Graber discovered that the iTALC private keys shipped with the Edubuntu Live media were not correctly regenerated once Edubuntu was installed. If an iTALC client was installed with the vulnerable keys, a remote attacker could gain control of the system.

Priority

High

Status

Package Release Status
italc
Launchpad, Ubuntu, Debian
upstream Not vulnerable
(only on Edubuntu live media)
dapper Not vulnerable
(not installed on live media)
hardy Not vulnerable
(not installed on live media)
karmic
Released (1:1.0.9.1-0ubuntu16.1)
lucid
Released (1:1.0.9.1-0ubuntu18.10.04.1)
maverick
Released (1:1.0.9.1-0ubuntu18.10.10.1)