LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: October 27th, 2014
Linux Advisory Watch: October 24th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Ubuntu: 964-1: Likewise Open vulnerability Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Ubuntu Matt Weatherford discovered that Likewise Open did not correctly checkpassword expiration for the local-provider account. A local attacker couldexploit this to log into a system they would otherwise not have access to. [More...]
===========================================================
Ubuntu Security Notice USN-964-1              July 26, 2010
likewise-open vulnerability
CVE-2010-0833
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 10.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 10.04 LTS:
  likewise-open5-lsass            5.4.0.42111-2ubuntu1.1

In general, a standard system update will make all the necessary changes.

Details follow:

Matt Weatherford discovered that Likewise Open did not correctly check
password expiration for the local-provider account. A local attacker could
exploit this to log into a system they would otherwise not have access to.


Updated packages for Ubuntu 10.04:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/l/likewise-open/likewise-open_5.4.0.42111-2ubuntu1.1.diff.gz
      Size/MD5:    64682 09043b593e04adc1f60c26ee4aac035f
    http://security.ubuntu.com/ubuntu/pool/main/l/likewise-open/likewise-open_5.4.0.42111-2ubuntu1.1.dsc
      Size/MD5:     1650 913ed2043149368e67f37176af506983
    http://security.ubuntu.com/ubuntu/pool/main/l/likewise-open/likewise-open_5.4.0.42111.orig.tar.gz
      Size/MD5: 18092080 19620caa003a2b5d72333a89bf1374f2

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/universe/l/likewise-open/likewise-open5-eventlog_5.4.0.42111-2ubuntu1.1_all.deb
      Size/MD5:     5432 126299fab12e2a631fdbcd879d18d9a2
    http://security.ubuntu.com/ubuntu/pool/universe/l/likewise-open/likewise-open5-gui_5.4.0.42111-2ubuntu1.1_all.deb
      Size/MD5:     5434 184ce2cfb71e33b062b005c3added5fc
    http://security.ubuntu.com/ubuntu/pool/universe/l/likewise-open/likewise-open5-libs_5.4.0.42111-2ubuntu1.1_all.deb
      Size/MD5:     5426 3882a89c4577500193c3eed5b60f8c61
    http://security.ubuntu.com/ubuntu/pool/universe/l/likewise-open/likewise-open5-lsass_5.4.0.42111-2ubuntu1.1_all.deb
      Size/MD5:     5910 e5f8be95ca537152ab2d611b2de08a5e
    http://security.ubuntu.com/ubuntu/pool/universe/l/likewise-open/likewise-open5-netlogon_5.4.0.42111-2ubuntu1.1_all.deb
      Size/MD5:     5434 8cf6d0ca5eeaed3a2530169e44643d6f
    http://security.ubuntu.com/ubuntu/pool/universe/l/likewise-open/likewise-open5-rpc_5.4.0.42111-2ubuntu1.1_all.deb
      Size/MD5:     5428 3a714728838b1b6590651a5f2b2dd518
    http://security.ubuntu.com/ubuntu/pool/universe/l/likewise-open/likewise-open5_5.4.0.42111-2ubuntu1.1_all.deb
      Size/MD5:     5416 188d15058d353ec27eb87c34db3538ea

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/l/likewise-open/likewise-open_5.4.0.42111-2ubuntu1.1_amd64.deb
      Size/MD5:  3098090 f49a7680210d397aaced4bacbdd9db5a
    http://security.ubuntu.com/ubuntu/pool/universe/l/likewise-open/likewise-open-gui_5.4.0.42111-2ubuntu1.1_amd64.deb
      Size/MD5:    29126 0e66013d093e6aeed2cdc3aab16f0e58
    http://security.ubuntu.com/ubuntu/pool/universe/l/likewise-open/likewise-open-server_5.4.0.42111-2ubuntu1.1_amd64.deb
      Size/MD5:   561242 33655392df31fa10cf8fd1231d2c4f68

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/l/likewise-open/likewise-open_5.4.0.42111-2ubuntu1.1_i386.deb
      Size/MD5:  2677246 7a51f8ce10251dc3e1b0cb009b34728d
    http://security.ubuntu.com/ubuntu/pool/universe/l/likewise-open/likewise-open-gui_5.4.0.42111-2ubuntu1.1_i386.deb
      Size/MD5:    28174 84bf824b7c53ea8b06ff0cc2f28e01b6
    http://security.ubuntu.com/ubuntu/pool/universe/l/likewise-open/likewise-open-server_5.4.0.42111-2ubuntu1.1_i386.deb
      Size/MD5:   480228 dec653ec0f5c4595a437ba59c9ec817c


 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Hackers Are Using Gmail Drafts to Update Their Malware and Steal Data
Hackers target unclassified White House network
BYOD: Why the biggest security worry is the fool within rather than the enemy without
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.