CVE-2009-1296
EPSS 0.07%
Description
The eCryptfs support utilities (ecryptfs-utils) 73-0ubuntu6.1 on Ubuntu 9.04 stores the mount passphrase in installation logs, which might allow local users to obtain access to the filesystem by reading the log files from disk. NOTE: the log files are only readable by root.
How to fix CVE-2009-1296
To remediate CVE-2009-1296, upgrade the affected package to a fixed version below.
- Debian/ecryptfs-utils—upgrade to 75-2 or later
Is CVE-2009-1296 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 75-2