Phase:The LAM runtime environment package (lam-runtime-7.0.6-2mdk) on Mandrake Linux installs the mpi user without a password, which allows local users to gain privileges.
ReferencesBUGTRAQ:Thursday, April 28, 2005 insecure user account lam-runtime-7.0.6-2mdk rpm | URL:http://marc.theaimsgroup.com/?l=bugtraq&m=111472262231060&w=2 | BID:13431 | URL:http://www.securityfocus.com/bid/13431
Votes:Assigned (Monday, May 02, 2005)
Comments:None (candidate not yet proposed)
F7: