Sicherheit: Fehlerhafte Zugriffsrechte in Likewise

Lesezeichen hinzufügen

--===============6438121137574604038==
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature";
boundary="Qf1oXS95uex85X0R"
Content-Disposition: inline

--Qf1oXS95uex85X0R
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

===========================================================
Ubuntu Security Notice USN-964-1 July 26, 2010
likewise-open vulnerability
CVE-2010-0833
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 10.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 10.04 LTS:
likewise-open5-lsass 5.4.0.42111-2ubuntu1.1

In general, a standard system update will make all the necessary changes.

Details follow:

Matt Weatherford discovered that Likewise Open did not correctly check
password expiration for the local-provider account. A local attacker could
exploit this to log into a system they would otherwise not have access to.

Updated packages for Ubuntu 10.04:

Source archives:

likewise-open_5.4.0.42111-2ubuntu1.1.diff.gz
Size/MD5: 64682 09043b593e04adc1f60c26ee4aac035f
likewise-open_5.4.0.42111-2ubuntu1.1.dsc
Size/MD5: 1650 913ed2043149368e67f37176af506983
likewise-open_5.4.0.42111.orig.tar.gz
Size/MD5: 18092080 19620caa003a2b5d72333a89bf1374f2

Architecture independent packages:

likewise-open5-eventlog_5.4.0.42111-2ubuntu1.1_all.deb
Size/MD5: 5432 126299fab12e2a631fdbcd879d18d9a2
likewise-open5-gui_5.4.0.42111-2ubuntu1.1_all.deb
Size/MD5: 5434 184ce2cfb71e33b062b005c3added5fc
likewise-open5-libs_5.4.0.42111-2ubuntu1.1_all.deb
Size/MD5: 5426 3882a89c4577500193c3eed5b60f8c61
likewise-open5-lsass_5.4.0.42111-2ubuntu1.1_all.deb
Size/MD5: 5910 e5f8be95ca537152ab2d611b2de08a5e
likewise-open5-netlogon_5.4.0.42111-2ubuntu1.1_all.deb
Size/MD5: 5434 8cf6d0ca5eeaed3a2530169e44643d6f
likewise-open5-rpc_5.4.0.42111-2ubuntu1.1_all.deb
Size/MD5: 5428 3a714728838b1b6590651a5f2b2dd518
likewise-open5_5.4.0.42111-2ubuntu1.1_all.deb
Size/MD5: 5416 188d15058d353ec27eb87c34db3538ea

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

likewise-open_5.4.0.42111-2ubuntu1.1_amd64.deb
Size/MD5: 3098090 f49a7680210d397aaced4bacbdd9db5a
likewise-open-gui_5.4.0.42111-2ubuntu1.1_amd64.deb
Size/MD5: 29126 0e66013d093e6aeed2cdc3aab16f0e58
likewise-open-server_5.4.0.42111-2ubuntu1.1_amd64.deb
Size/MD5: 561242 33655392df31fa10cf8fd1231d2c4f68

i386 architecture (x86 compatible Intel/AMD):

likewise-open_5.4.0.42111-2ubuntu1.1_i386.deb
Size/MD5: 2677246 7a51f8ce10251dc3e1b0cb009b34728d
likewise-open-gui_5.4.0.42111-2ubuntu1.1_i386.deb
Size/MD5: 28174 84bf824b7c53ea8b06ff0cc2f28e01b6
likewise-open-server_5.4.0.42111-2ubuntu1.1_i386.deb
Size/MD5: 480228 dec653ec0f5c4595a437ba59c9ec817c

--Qf1oXS95uex85X0R
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Kees Cook <kees@outflux.net>

iEYEARECAAYFAkxOAzkACgkQH/9LqRcGPm3yIQCgo3V1bW2vduncTtHck2PRCfax
mZIAn2pF0OOCYmpCZbjzfmqT1ZZi6ON5
=iFzz
-----END PGP SIGNATURE-----

--Qf1oXS95uex85X0R--

--===============6438121137574604038==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============6438121137574604038==--