Re: [Full-Disclosure] Re: Red Hat 9: free tickets

From: KF (dotslash_at_snosoft.com)
Date: 07/02/03

Next message: CORE Security Technologies Advisories: "[Full-Disclosure] CORE-2003-0305-04: NetMeeting Directory Traversal Vulnerability"

Previous message: Auriemma Luigi: "[VulnWatch] Broadcast BoF and server freeze in RogerWilco (2001)"
In reply to: bob: "[Full-Disclosure] Re: Red Hat 9: free tickets"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 02 Jul 2003 10:53:53 +0000

>
>
>>
>>Starting release 9, Red Hat ships and uses pam_timestamp_check.so module
>>(accompanied by /sbin/pam_timestamp_check setuid helper), a part of the
>>new pam-0.75 (Pluggable Authentication Modules) package. PAM is a generic
>>centralized authentication and session management component that is also
>>shipped by an increasing number of other distributions, so it is
>>reasonable that the code is about to propagate to other distros.
>>
>>
Starting at release 9 or release 8? (I could have ran up2date and
installed this but I'm not sure?)

[xxx@linuxdev xxx]$ cat /etc/redhat-release
Red Hat Linux release 8.0 (Psyche)

[xxx@linuxdev xxx]$ ls -al /sbin/pam_timestamp_check
-r-s--x--x 1 root root 7132 Aug 2 2002
/sbin/pam_timestamp_check

[xxx@linuxdev xxx]$ grep timestamp /etc/pam.d/ -r
/etc/pam.d/authconfig-gtk:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/authconfig-gtk:session optional
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-rootpassword:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-rootpassword:session optional
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-language:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-language:session optional
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-proc:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-proc:session optional
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-keyboard:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-keyboard:session optional
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-users:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-users:session optional
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-logviewer:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-logviewer:session optional
/lib/security/pam_timestamp.so
/etc/pam.d/dateconfig:auth sufficient /lib/security/pam_timestamp.so
/etc/pam.d/dateconfig:session optional /lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-date:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-date:session optional
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-time:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-time:session optional
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-soundcard:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-soundcard:session optional
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-mouse:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-mouse:session optional
/lib/security/pam_timestamp.so
/etc/pam.d/up2date-config:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/up2date-config:session optional
/lib/security/pam_timestamp.so
grep: /etc/pam.d/sshd: Permission denied
/etc/pam.d/redhat-cdinstall-helper:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-cdinstall-helper:session optional
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-packages:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-packages:session optional
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-install-packages:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-install-packages:session optional
/lib/security/pam_timestamp.so
/etc/pam.d/up2date:auth sufficient /lib/security/pam_timestamp.so
/etc/pam.d/up2date:session optional /lib/security/pam_timestamp.so
/etc/pam.d/internet-druid:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/internet-druid:session optional
/lib/security/pam_timestamp.so
/etc/pam.d/up2date-nox:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/up2date-nox:session optional
/lib/security/pam_timestamp.so
/etc/pam.d/neat:auth sufficient /lib/security/pam_timestamp.so
/etc/pam.d/neat:session optional /lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-network-cmd:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-network-cmd:session optional
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-network:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-network:session optional
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-network-druid:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-network-druid:session optional
/lib/security/pam_timestamp.so
/etc/pam.d/printconf-gui:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/printconf-gui:session optional
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-printer-gui:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-printer-gui:session optional
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-securitylevel:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-securitylevel:session optional
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-xfree86:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-xfree86:session optional
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-switch-printer:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-switch-printer:session optional
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-switch-printer-nox:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-switch-printer-nox:session optional
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-switchmail:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-switchmail:session optional
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-switchmail-nox:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-switchmail-nox:session optional
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-services:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-services:session optional
/lib/security/pam_timestamp.so
/etc/pam.d/serviceconf:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/serviceconf:session optional
/lib/security/pam_timestamp.so
/etc/pam.d/gdmsetup:auth sufficient /lib/security/pam_timestamp.so
/etc/pam.d/gdmsetup:session optional /lib/security/pam_timestamp.so
/etc/pam.d/kppp:auth sufficient /lib/security/pam_timestamp.so
/etc/pam.d/kppp:session optional /lib/security/pam_timestamp.so
/etc/pam.d/kde:auth sufficient /lib/security/pam_timestamp.so
/etc/pam.d/kde:session optional /lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-bind:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-bind:session optional
/lib/security/pam_timestamp.so
/etc/pam.d/bindconf:auth sufficient /lib/security/pam_timestamp.so
/etc/pam.d/bindconf:session optional /lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-nfs:auth sufficient
/lib/security/pam_timestamp.so
/etc/pam.d/redhat-config-nfs:session optional
/lib/security/pam_timestamp.so

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Next message: CORE Security Technologies Advisories: "[Full-Disclosure] CORE-2003-0305-04: NetMeeting Directory Traversal Vulnerability"

Previous message: Auriemma Luigi: "[VulnWatch] Broadcast BoF and server freeze in RogerWilco (2001)"
In reply to: bob: "[Full-Disclosure] Re: Red Hat 9: free tickets"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]