CVE-2011-0724

NameCVE-2011-0724
DescriptionThe Live DVD for Edubuntu 9.10, 10.04 LTS, and 10.10 does not correctly regenerate iTALC private keys after installation, which causes each installation to have the same fixed key, which allows remote attackers to gain privileges.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
italc (PTS)jessie, jessie (lts)1:2.0.2+dfsg1-2+deb8u1fixed
stretch1:3.0.3+dfsg1-1+deb9u1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
italcsource(unstable)(not affected)

Notes

- italc <not-affected> (Only Edubuntu Live DVD affected)
https://bugs.launchpad.net/ubuntu/+source/italc/+bug/714864
http://web.archive.org/web/20140817234205/https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-February/001245.html
Search for package or bug name: Reporting problems