Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Advisory Watch: March 27th, 2015
Linux Security Week: March 23rd, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Ubuntu: 964-1: Likewise Open vulnerability Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Ubuntu Matt Weatherford discovered that Likewise Open did not correctly checkpassword expiration for the local-provider account. A local attacker couldexploit this to log into a system they would otherwise not have access to. [More...]
Ubuntu Security Notice USN-964-1              July 26, 2010
likewise-open vulnerability

A security issue affects the following Ubuntu releases:

Ubuntu 10.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 10.04 LTS:

In general, a standard system update will make all the necessary changes.

Details follow:

Matt Weatherford discovered that Likewise Open did not correctly check
password expiration for the local-provider account. A local attacker could
exploit this to log into a system they would otherwise not have access to.

Updated packages for Ubuntu 10.04:

  Source archives:
      Size/MD5:    64682 09043b593e04adc1f60c26ee4aac035f
      Size/MD5:     1650 913ed2043149368e67f37176af506983
      Size/MD5: 18092080 19620caa003a2b5d72333a89bf1374f2

  Architecture independent packages:
      Size/MD5:     5432 126299fab12e2a631fdbcd879d18d9a2
      Size/MD5:     5434 184ce2cfb71e33b062b005c3added5fc
      Size/MD5:     5426 3882a89c4577500193c3eed5b60f8c61
      Size/MD5:     5910 e5f8be95ca537152ab2d611b2de08a5e
      Size/MD5:     5434 8cf6d0ca5eeaed3a2530169e44643d6f
      Size/MD5:     5428 3a714728838b1b6590651a5f2b2dd518
      Size/MD5:     5416 188d15058d353ec27eb87c34db3538ea

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:  3098090 f49a7680210d397aaced4bacbdd9db5a
      Size/MD5:    29126 0e66013d093e6aeed2cdc3aab16f0e58
      Size/MD5:   561242 33655392df31fa10cf8fd1231d2c4f68

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:  2677246 7a51f8ce10251dc3e1b0cb009b34728d
      Size/MD5:    28174 84bf824b7c53ea8b06ff0cc2f28e01b6
      Size/MD5:   480228 dec653ec0f5c4595a437ba59c9ec817c

< Prev   Next >


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.