what you don't know can hurt you

Ubuntu Security Notice 959-2

Ubuntu Security Notice 959-2
Posted Oct 27, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 959-2 - USN-959-1 fixed vulnerabilities in PAM. This update provides the corresponding updates for Ubuntu 10.10. Denis Excoffier discovered that the PAM MOTD module in Ubuntu did not correctly handle path permissions when creating user file stamps. A local attacker could exploit this to gain root privileges.

tags | advisory, local, root, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-0832
MD5 | 4aedcd8e02553a00ea8b4c90553a9640

Ubuntu Security Notice 959-2

Change Mirror Download
===========================================================
Ubuntu Security Notice USN-959-2 October 25, 2010
pam vulnerability
CVE-2010-0832
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 10.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 10.10:
libpam-modules 1.1.1-4ubuntu2

In general, a standard system update will make all the necessary changes.

Details follow:

USN-959-1 fixed vulnerabilities in PAM. This update provides the
corresponding updates for Ubuntu 10.10.

Original advisory details:

Denis Excoffier discovered that the PAM MOTD module in Ubuntu did
not correctly handle path permissions when creating user file stamps.
A local attacker could exploit this to gain root privilieges.


Updated packages for Ubuntu 10.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/p/pam/pam_1.1.1-4ubuntu2.diff.gz
Size/MD5: 256311 70ceb0ea3e0aea771cb0ee4d20159302
http://security.ubuntu.com/ubuntu/pool/main/p/pam/pam_1.1.1-4ubuntu2.dsc
Size/MD5: 1636 8b0a9a5576629cdc16a07fb6221555d1
http://security.ubuntu.com/ubuntu/pool/main/p/pam/pam_1.1.1.orig.tar.gz
Size/MD5: 1799415 b4838d787dd9b046a4d6992e18b6ffac

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/p/pam/libpam-doc_1.1.1-4ubuntu2_all.deb
Size/MD5: 284250 ee51d0d5117e8005bd96d365160ab8fc
http://security.ubuntu.com/ubuntu/pool/main/p/pam/libpam-runtime_1.1.1-4ubuntu2_all.deb
Size/MD5: 85274 65b297ca5b321eef1b76c05b7e15da01

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/p/pam/libpam-cracklib_1.1.1-4ubuntu2_amd64.deb
Size/MD5: 56638 2058636a296f011ee82fb1085bcf98a0
http://security.ubuntu.com/ubuntu/pool/main/p/pam/libpam-modules_1.1.1-4ubuntu2_amd64.deb
Size/MD5: 347314 d5f3e4cf08b35bf1c4772d0e17df9787
http://security.ubuntu.com/ubuntu/pool/main/p/pam/libpam0g-dev_1.1.1-4ubuntu2_amd64.deb
Size/MD5: 158630 5b55c802a6e55ad7de7dca34853cadf5
http://security.ubuntu.com/ubuntu/pool/main/p/pam/libpam0g_1.1.1-4ubuntu2_amd64.deb
Size/MD5: 94660 a3f147932dc1c9dc7c0fff522bc7f7cd

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/p/pam/libpam-cracklib_1.1.1-4ubuntu2_i386.deb
Size/MD5: 56300 6ebc733abee6253e70f7862b8c8deead
http://security.ubuntu.com/ubuntu/pool/main/p/pam/libpam-modules_1.1.1-4ubuntu2_i386.deb
Size/MD5: 323066 799c517fe7928f1afbf2b440c87e23c3
http://security.ubuntu.com/ubuntu/pool/main/p/pam/libpam0g-dev_1.1.1-4ubuntu2_i386.deb
Size/MD5: 152140 5fef5190dfed92ca9c30e11723d7dd09
http://security.ubuntu.com/ubuntu/pool/main/p/pam/libpam0g_1.1.1-4ubuntu2_i386.deb
Size/MD5: 91718 498d37554ea0e6327aa91c6a7fb7e2ca

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/p/pam/libpam-cracklib_1.1.1-4ubuntu2_powerpc.deb
Size/MD5: 56864 c4a0ce26fa71db14be87e8bd72a0b993
http://ports.ubuntu.com/pool/main/p/pam/libpam-modules_1.1.1-4ubuntu2_powerpc.deb
Size/MD5: 343926 d00027f03fa3506e2c7433da8bf60e3a
http://ports.ubuntu.com/pool/main/p/pam/libpam0g-dev_1.1.1-4ubuntu2_powerpc.deb
Size/MD5: 157816 654f538026e76baea9b670d323eb9680
http://ports.ubuntu.com/pool/main/p/pam/libpam0g_1.1.1-4ubuntu2_powerpc.deb
Size/MD5: 95076 7056a91e001172a2e143b138c7bf60d2

Login or Register to add favorites

File Archive:

October 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    16 Files
  • 2
    Oct 2nd
    1 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    24 Files
  • 5
    Oct 5th
    24 Files
  • 6
    Oct 6th
    11 Files
  • 7
    Oct 7th
    14 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    1 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    7 Files
  • 12
    Oct 12th
    15 Files
  • 13
    Oct 13th
    26 Files
  • 14
    Oct 14th
    10 Files
  • 15
    Oct 15th
    6 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close