CVE-2016-4484

Published: Jan 23, 2017

Modified: Aug 6, 2024

PUBLISHED

Description

The Debian initrd script for the cryptsetup package 2:1.7.3-2 and earlier allows physically proximate attackers to gain shell access via many log in attempts with an invalid password.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20161114 CVE-2016-4484: - Cryptsetup Initrd root Shell

mailing-list

x_refsource_MLIST

http://hmarco.org/bugs/CVE-2016-4484/CVE-2016-4484_cryptsetup_initrd_shell.html

x_refsource_MISC

[oss-security] 20161115 Re: CVE-2016-4484: - Cryptsetup Initrd root Shell - Update: Dracut is also vulnerable

mailing-list

x_refsource_MLIST

[oss-security] 20161115 Re: [FD] CVE-2016-4484: - Cryptsetup Initrd root Shell

mailing-list

x_refsource_MLIST

94315

vdb-entry

x_refsource_BID

https://gitlab.com/cryptsetup/cryptsetup/commit/ef8a7d82d8d3716ae9b58179590f7908981fa0cb

x_refsource_MISC

[oss-security] 20161116 Re: CVE-2016-4484: - Cryptsetup Initrd root Shell

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-4484

Description

Affected Products

References