| 1 |
- -------------------------------------------------------------------------- |
| 2 |
GLSA: GENTOO LINUX SECURITY ANNOUNCEMENT |
| 3 |
- -------------------------------------------------------------------------- |
| 4 |
|
| 5 |
PACKAGE :shadow |
| 6 |
SUMMARY :Bug in PAM config |
| 7 |
DATE :2002-04-04 02:33:00 |
| 8 |
|
| 9 |
- -------------------------------------------------------------------------- |
| 10 |
|
| 11 |
OVERVIEW |
| 12 |
|
| 13 |
The effect of this bug is that anyone who has a valid password for any user on |
| 14 |
the system can login as root either from the console or via telnet. To |
| 15 |
use this bug you had to login with a incorrect password 3 times |
| 16 |
(via console) or 4 times (via telnet) and on the 4th or 5th time you had |
| 17 |
to enter the correct password. Doing so would drop you to a root prompt |
| 18 |
with no home directory. It should be known that Gentoo does not default |
| 19 |
to allowing telnet access and ssh was unaffected by this bug. |
| 20 |
|
| 21 |
DETAIL |
| 22 |
|
| 23 |
Recently, Gentoo started using a PAM module called pam_stack along with |
| 24 |
pam_pwdb. pam_stack allows for better flexibility when configuring PAM |
| 25 |
security settings. The combination of pam_pwdb and pam_stack caused the |
| 26 |
bug described above to form. In the past pam_pwdb was used by itself |
| 27 |
and did not exhibit this bug. When we discovered this bug we replaced |
| 28 |
pam_pwdb with pam_unix. The combination of pam_unix and pam_stack does |
| 29 |
not have this bug. |
| 30 |
|
| 31 |
SOLUTION |
| 32 |
|
| 33 |
Install sys-apps/shadow-4.0.2-r2 or higher. |
| 34 |
|
| 35 |
It is recommended that all gentoo users apply the update |
| 36 |
|
| 37 |
Portage Auto: |
| 38 |
|
| 39 |
emerge rsync |
| 40 |
emerge --update world |
| 41 |
|
| 42 |
|
| 43 |
Portage by hand: |
| 44 |
|
| 45 |
emerge rsync |
| 46 |
emerge sys-libs/shadow |
| 47 |
|
| 48 |
- -------------------------------------------------------------------------- |
| 49 |
jhhudso@g.o |
| 50 |
- -------------------------------------------------------------------------- |
| 51 |
|
| 52 |
(forwarded by me) |
| 53 |
|
| 54 |
-- |
| 55 |
Daniel Robbins <drobbins@g.o> |
| 56 |
Chief Architect/President http://www.gentoo.org |
| 57 |
Gentoo Technologies, Inc. |
Archives