CVE-2012-6655

An issue exists AccountService 0.6.37 in the user_change_password_authorized_cb() function in user.c which could let a local users obtain encrypted passwords.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.3 LOW
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 8%
VendorProductVersion
accountsservice_projectaccountsservice
0.6.37
opensuseopensuse
13.1
debiandebian_linux
8.0
debiandebian_linux
9.0
debiandebian_linux
10.0
redhatenterprise_linux
7.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
accountsservice
bullseye
ignored
buster
ignored
stretch
ignored
jessie
ignored
wheezy
ignored
bookworm
22.08.8-6
fixed
sid
23.13.9-7
fixed
trixie
23.13.9-7
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
accountsservice
noble
not-affected
mantic
not-affected
lunar
ignored
kinetic
ignored
jammy
Fixed 22.07.5-2ubuntu1.5
released
impish
ignored
hirsute
ignored
groovy
ignored
focal
Fixed 0.6.55-0ubuntu12~20.04.7
released
eoan
ignored
disco
ignored
cosmic
ignored
bionic
needed
artful
ignored
zesty
ignored
yakkety
ignored
xenial
needed
wily
ignored
vivid
ignored
utopic
ignored
trusty
needed
precise
ignored
lucid
dne
Common Weakness Enumeration
References
http://www.openwall.com/lists/oss-security/2014/08/16/7
http://www.securityfocus.com/bid/69245
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-6655
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-6655
https://exchange.xforce.ibmcloud.com/vulnerabilities/95325
https://security-tracker.debian.org/tracker/CVE-2012-6655
http://www.openwall.com/lists/oss-security/2014/08/16/7
http://www.securityfocus.com/bid/69245
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-6655
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-6655
https://exchange.xforce.ibmcloud.com/vulnerabilities/95325
https://security-tracker.debian.org/tracker/CVE-2012-6655