CVE-2009-4128
Publication date 1 December 2009
Last updated 24 July 2024
Ubuntu priority
GNU GRand Unified Bootloader (GRUB) 2 1.97 only compares the submitted portion of a password with the actual password, which makes it easier for physically proximate attackers to conduct brute force attacks and bypass authentication by submitting a password whose length is 1.
Status
Package | Ubuntu Release | Status |
---|---|---|
grub2 | 9.10 karmic |
Fixed 1.97~beta4-1ubuntu4.1
|
9.04 jaunty |
Not affected
|
|
8.10 intrepid |
Not affected
|
|
8.04 LTS hardy |
Not affected
|
|
6.06 LTS dapper |
Not affected
|