[Full-Disclosure] [USN-17-1] passwd vulnerability

From: Martin Pitt (martin.pitt_at_canonical.com)
Date: 11/05/04

  • Next message: Mandrake Linux Security Team: "[Full-Disclosure] MDKSA-2004:126 - Updated shadow-utils packages fix security bypass vulnerability"
    To: ubuntu-security-announce@lists.ubuntu.com
    Date: Fri, 5 Nov 2004 00:17:37 +0100
    
    
    

    ===========================================================
    Ubuntu Security Notice USN-17-1 November 04, 2004
    passwd vulnerabilities
    CAN-2004-1001
    ===========================================================

    A security issue affects the following Ubuntu releases:

    Ubuntu 4.10 (Warty Warthog)

    The following packages are affected:

    login

    The problem can be corrected by upgrading the affected package to
    version 1:4.0.3-28.5ubuntu6.1. In general, a standard system upgrade is
    sufficient to effect the necessary changes.

    Details follow:

    Martin Schulze and Steve Grubb discovered a flaw in the authentication
    input validation of the "chfn" and "chsh" programs. This allowed
    logged in users with an expired password to change their real name and
    their login shell without having to change their password.

    This flaw cannot lead to privilege escalation and does not allow to
    modify account properties of other users, so the impact is relatively
    low.

      Source archives:

        http://security.ubuntu.com/ubuntu/pool/main/s/shadow/shadow_4.0.3-28.5ubuntu6.1.diff.gz
          Size/MD5: 867465 303fa8a07bb4eba9f9631c5cf42292a6
        http://security.ubuntu.com/ubuntu/pool/main/s/shadow/shadow_4.0.3-28.5ubuntu6.1.dsc
          Size/MD5: 765 0984a277557ba9c4c0b86eb0cefb187b
        http://security.ubuntu.com/ubuntu/pool/main/s/shadow/shadow_4.0.3.orig.tar.gz
          Size/MD5: 1045704 b52dfb2e5e8d9a4a2aae0ca1b266c513

      amd64 architecture (Athlon64, Opteron, EM64T Xeon)

        http://security.ubuntu.com/ubuntu/pool/main/s/shadow/login_4.0.3-28.5ubuntu6.1_amd64.deb
          Size/MD5: 479806 ad349ec07af2401a54e362ae44b3f9b7
        http://security.ubuntu.com/ubuntu/pool/main/s/shadow/passwd_4.0.3-28.5ubuntu6.1_amd64.deb
          Size/MD5: 537040 afac30c20348f66858ef3f64db39bc1a

      i386 architecture (x86 compatible Intel/AMD)

        http://security.ubuntu.com/ubuntu/pool/main/s/shadow/login_4.0.3-28.5ubuntu6.1_i386.deb
          Size/MD5: 470896 e96c974163514322ab217590585104ab
        http://security.ubuntu.com/ubuntu/pool/main/s/shadow/passwd_4.0.3-28.5ubuntu6.1_i386.deb
          Size/MD5: 462882 1c5c3182c35caac48a5f8b514130a556

      powerpc architecture (Apple Macintosh G3/G4/G5)

        http://security.ubuntu.com/ubuntu/pool/main/s/shadow/login_4.0.3-28.5ubuntu6.1_powerpc.deb
          Size/MD5: 478822 a9ab73b912180b9d42a54e93413a2591
        http://security.ubuntu.com/ubuntu/pool/main/s/shadow/passwd_4.0.3-28.5ubuntu6.1_powerpc.deb
          Size/MD5: 500062 680dc84a6925888b83ca6c8236b2cc3b

    
    

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html



  • Next message: Mandrake Linux Security Team: "[Full-Disclosure] MDKSA-2004:126 - Updated shadow-utils packages fix security bypass vulnerability"

    Relevant Pages

    • [USN-42-1] Xine library vulnerabilities
      ... Ubuntu 4.10 ... The following packages are affected: ... The problem can be corrected by upgrading the affected package to ...
      (Full-Disclosure)
    • [Full-Disclosure] [USN-70-1] Perl DBI module vulnerability
      ... Ubuntu 4.10 ... The following packages are affected: ... The problem can be corrected by upgrading the affected package to ... Javier Fernández-Sanguino Peña from the Debian Security Audit Project ...
      (Full-Disclosure)
    • [Full-disclosure] [USN-259-1] irssi vulnerability
      ... Ubuntu 5.10 ... The following packages are affected: ... The problem can be corrected by upgrading the affected package to ...
      (Full-Disclosure)
    • [USN-17-1] passwd vulnerability
      ... Ubuntu 4.10 ... The following packages are affected: ... The problem can be corrected by upgrading the affected package to ... their login shell without having to change their password. ...
      (Bugtraq)
    • [USN-42-1] Xine library vulnerabilities
      ... Ubuntu 4.10 ... The following packages are affected: ... The problem can be corrected by upgrading the affected package to ...
      (Bugtraq)