LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: July 25th, 2014
Linux Advisory Watch: July 18th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Ubuntu: pam-krb5 vulnerabilities Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Ubuntu It was discovered that pam_krb5 parsed environment variables when run with setuid applications. A local attacker could exploit this flaw to bypass authentication checks and gain root privileges. (CVE-2009-0360) Derek Chan discovered that pam_krb5 incorrectly handled refreshing existing credentials when used with setuid applications. A local attacker could exploit this to create or overwrite arbitrary files, and possibly gain root privileges. (CVE-2009-0361)
===========================================================
Ubuntu Security Notice USN-719-1          February 12, 2009
libpam-krb5 vulnerabilities
CVE-2009-0360, CVE-2009-0361
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS
Ubuntu 8.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.04 LTS:
  libpam-krb5                     3.10-1ubuntu0.8.04.1

Ubuntu 8.10:
  libpam-krb5                     3.10-1ubuntu0.8.10.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

It was discovered that pam_krb5 parsed environment variables when run with
setuid applications. A local attacker could exploit this flaw to bypass
authentication checks and gain root privileges. (CVE-2009-0360)

Derek Chan discovered that pam_krb5 incorrectly handled refreshing existing
credentials when used with setuid applications. A local attacker could exploit
this to create or overwrite arbitrary files, and possibly gain root privileges.
(CVE-2009-0361)


Updated packages for Ubuntu 8.04 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/libp/libpam-krb5/libpam-krb5_3.10-1ubuntu0.8.04.1.diff.gz
      Size/MD5:    12322 2915d0d5b4133bcc65b6bc03346033b0
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpam-krb5/libpam-krb5_3.10-1ubuntu0.8.04.1.dsc
      Size/MD5:      816 cbc0e2b13d48682ec29127649d9d3407
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpam-krb5/libpam-krb5_3.10.orig.tar.gz
      Size/MD5:   156259 6ec6bd6637f8c91bf5386ed95fa975ba

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/libp/libpam-krb5/libpam-krb5_3.10-1ubuntu0.8.04.1_amd64.deb
      Size/MD5:    78068 6f201eda9f6df9d527c165c21756084d

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/libp/libpam-krb5/libpam-krb5_3.10-1ubuntu0.8.04.1_i386.deb
      Size/MD5:    77412 199ba52d9440d89f70fab1544fa90d7f

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/libp/libpam-krb5/libpam-krb5_3.10-1ubuntu0.8.04.1_lpia.deb
      Size/MD5:    77246 ff9cce0bbaf03a1a348fcd1fb0ca6745

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/libp/libpam-krb5/libpam-krb5_3.10-1ubuntu0.8.04.1_powerpc.deb
      Size/MD5:    80536 e3ec20dbf0fb9666549f801c012f72b0

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/libp/libpam-krb5/libpam-krb5_3.10-1ubuntu0.8.04.1_sparc.deb
      Size/MD5:    77196 6e8a12a640e6c9163d65709d68c14775

Updated packages for Ubuntu 8.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/libp/libpam-krb5/libpam-krb5_3.10-1ubuntu0.8.10.1.diff.gz
      Size/MD5:    12322 9646c596627edf91af8799f78b9bffb2
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpam-krb5/libpam-krb5_3.10-1ubuntu0.8.10.1.dsc
      Size/MD5:     1234 39b9545e294f6937092fbf8316ffc9d1
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpam-krb5/libpam-krb5_3.10.orig.tar.gz
      Size/MD5:   156259 6ec6bd6637f8c91bf5386ed95fa975ba

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/libp/libpam-krb5/libpam-krb5_3.10-1ubuntu0.8.10.1_amd64.deb
      Size/MD5:    78348 9be5305e9bb4f8b85d0857230cc2acda

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/libp/libpam-krb5/libpam-krb5_3.10-1ubuntu0.8.10.1_i386.deb
      Size/MD5:    77494 2e37aba551e192fffaf17754b96fee1a

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/libp/libpam-krb5/libpam-krb5_3.10-1ubuntu0.8.10.1_lpia.deb
      Size/MD5:    77452 d89fdc271a18c000d84a2ce6c1c1db4a

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/libp/libpam-krb5/libpam-krb5_3.10-1ubuntu0.8.10.1_powerpc.deb
      Size/MD5:    80632 5312557a64d26867ac5472ee56f3ac2e

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/libp/libpam-krb5/libpam-krb5_3.10-1ubuntu0.8.10.1_sparc.deb
      Size/MD5:    76978 9fc7e9ee619bd7ce77fafe13a2dc46b8



--=-K+2S78fml+EGQJhOb1TI
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEABECAAYFAkmUdfMACgkQLMAs/0C4zNp82QCfTJbdmxdSxB/OQsHOauhsDwC9
8iAAn17ECwiWrsw9YNzkiV2QZv9CFn0+
=dttc
-----END PGP SIGNATURE-----

--=-K+2S78fml+EGQJhOb1TI--



--==============21049036482748518=Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--==============21049036482748518==--
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Weekend Edition
Four fake Google haxbots hit YOUR WEBSITE every day
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
The Barnaby Jack Few Knew: Celebrated Hacker Saw Spotlight as 'Necessary Evil'
What I Learned from Edward Snowden at the Hacker Conference
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.