drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mögliche Preisgabe von Paßwörtern in kdesu
Name: |
Mögliche Preisgabe von Paßwörtern in kdesu
|
|
ID: |
SuSE-SA:2001:02 |
|
Distribution: |
SUSE |
|
Plattformen: |
Keine Angabe |
|
Datum: |
Di, 30. Januar 2001, 12:00 |
|
Referenzen: |
Keine Angabe |
|
Applikationen: |
KDE Software Compilation |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: kdesu Announcement-ID: SuSE-SA:2001:02 Date: Affected SuSE versions: 6.0, 6.1, 6.2, 6.3, 6.4, 7.0 Vulnerability Type: local root compromise Severity (1-10): 3 SuSE default package: yes Other affected systems: All KDE 1 & KDE 2 systems
Content of this advisory: 1) security vulnerability resolved: kdesu problem description, discussion, solution and upgrade information 2) pending vulnerabilities, solutions, workarounds 3) standard appendix (further information)
______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
kdesu is a KDE frontend for su(1). When invoked it prompts for the root password and runs su(1). kdesu itself does not run setuid/setgid.
However when enabling the 'keep password' option it tries to send the password across process boundaries to kdesud via a UNIX socket. During this it does not verify the identity of the listener on the other end. This allows attackers to obtain the root password.
This bug has been fixed in the update packages by checking the ownership of the socket on the listener side.
Download the update package from locations desribed below and install the package with the command `rpm -Uhv file.rpm'. The md5sum for each file is in the line below. You can verify the integrity of the rpm files using the command `rpm --checksig --nogpg file.rpm', independently from the md5 signatures below.
i386 Intel Platform:
SuSE-6.1: ftp://ftp.suse.com/pub/suse/i386/update/6.1/kpa1/kdesu-0.98-187.i386.rpm 3d51f84f2dc87916bc937f3afe507c1a
SuSE-6.1: ftp://ftp.suse.com/pub/suse/i386/update/6.1/kpa1/kdesu.rpm 3d51f84f2dc87916bc937f3afe507c1a
source rpm: ftp://ftp.suse.com/pub/suse/i386/update/6.1/zq1/kdesu-0.98-187.src.rpm f8764afd475fa7a41c18603d15ce48ab
SuSE-6.2: ftp://ftp.suse.com/pub/suse/i386/update/6.2/kpa1/kdesu-0.98-187.i386.rpm 027617e19c957b1ed5f42f140b62521b
SuSE-6.2: ftp://ftp.suse.com/pub/suse/i386/update/6.2/kpa1/kdesu.rpm 027617e19c957b1ed5f42f140b62521b
source rpm: ftp://ftp.suse.com/pub/suse/i386/update/6.2/zq1/kdesu-0.98-187.src.rpm 9cf3d4b0c00db4598968dd5c7e07eef7
SuSE-6.3: ftp://ftp.suse.com/pub/suse/i386/update/6.3/kpa1/kdesu-0.98-187.i386.rpm d2b6c6f3330a20c2eb7d5500de2f9df6
SuSE-6.3: ftp://ftp.suse.com/pub/suse/i386/update/6.3/kpa1/kdesu.rpm d2b6c6f3330a20c2eb7d5500de2f9df6
source rpm: ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/kdesu-0.98-187.src.rpm a50cc8ba1a793f9151559454fdad0a14
SuSE-6.4: ftp://ftp.suse.com/pub/suse/i386/update/6.4/kpa1/kdesu-0.98-187.i386.rpm 8f06dd49bdc00dca25eff33a3754ddee
SuSE-6.4: ftp://ftp.suse.com/pub/suse/i386/update/6.4/kpa1/kdesu.rpm 8f06dd49bdc00dca25eff33a3754ddee
source rpm: ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/kdesu-0.98-187.src.rpm 0ca2d30cf51d1307f88581d4e240bbf0
SuSE-7.0: ftp://ftp.suse.com/pub/suse/i386/update/7.0/kpa1/kdesu-0.98-187.i386.rpm c7238ea5775939239b3857b550ca9f1b
SuSE-7.0: ftp://ftp.suse.com/pub/suse/i386/update/7.0/kpa1/kdesu.rpm c7238ea5775939239b3857b550ca9f1b
source rpm: ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/kdesu-0.98-187.src.rpm bc74c75ba0b514f7df4f0250ccc7454a
Sparc Platform:
AXP Alpha Platform:
SuSE-6.1: ftp://ftp.suse.com/pub/suse/axp/update/6.1/kpa1/kdesu-0.98-187.alpha.rpm 8017cd7fed463cae4bef3fa471e7e1d8
SuSE-6.1: ftp://ftp.suse.com/pub/suse/axp/update/6.1/kpa1/kdesu.rpm 8017cd7fed463cae4bef3fa471e7e1d8
source rpm: ftp://ftp.suse.com/pub/suse/axp/update/6.1/zq1/kdesu-0.98-187.src.rpm 78846e4ae3f50e9264e8840da1a628a8
SuSE-6.3: ftp://ftp.suse.com/pub/suse/axp/update/6.3/kpa1/kdesu-0.98-187.alpha.rpm cf1629ba236c0c84e0f2b33101b5f1aa
SuSE-6.3: ftp://ftp.suse.com/pub/suse/axp/update/6.3/kpa1/kdesu.rpm cf1629ba236c0c84e0f2b33101b5f1aa
source rpm: ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/kdesu-0.98-187.src.rpm da851ebaee36cb91cb1e1fca0c8bfda2
SuSE-6.4: ftp://ftp.suse.com/pub/suse/axp/update/6.4/kpa1/kdesu-0.98-187.alpha.rpm d1904cc9db320ea2c576b73633ee6bd5
SuSE-6.4: ftp://ftp.suse.com/pub/suse/axp/update/6.4/kpa1/kdesu.rpm d1904cc9db320ea2c576b73633ee6bd5
source rpm: ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/kdesu-0.98-187.src.rpm 27261cf8ff0ea66a597520260b832f7d
SuSE-7.0: ftp://ftp.suse.com/pub/suse/axp/update/7.0/kpa1/kdesu-0.98-187.alpha.rpm be3b258eeeb3c56351b93ec8a32826db
SuSE-7.0: ftp://ftp.suse.com/pub/suse/axp/update/7.0/kpa1/kdesu.rpm be3b258eeeb3c56351b93ec8a32826db
source rpm: ftp://ftp.suse.com/pub/suse/axp/update/7.0/zq1/kdesu-0.98-187.src.rpm b7e3139377784c5cbbc4f14a5061d124
PPC Power PC Platform:
SuSE-6.4: ftp://ftp.suse.com/pub/suse/ppc/update/6.4/kpa1/kdesu-0.98-187.ppc.rpm 705afa4defc64c48f89dd94b2d52c296
SuSE-6.4: ftp://ftp.suse.com/pub/suse/ppc/update/6.4/kpa1/kdesu.rpm 705afa4defc64c48f89dd94b2d52c296
source rpm: ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/kdesu-0.98-187.src.rpm 32e626fa7e8206d6803957c77062185b
SuSE-7.0: ftp://ftp.suse.com/pub/suse/ppc/update/7.0/kpa1/kdesu-0.98-187.ppc.rpm e9b4a8a26844af0bc8cb37c8d2d26530
SuSE-7.0: ftp://ftp.suse.com/pub/suse/ppc/update/7.0/kpa1/kdesu.rpm e9b4a8a26844af0bc8cb37c8d2d26530
source rpm: ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/kdesu-0.98-187.src.rpm aaa092ffafe149ef8ba3acf570966e09
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
- Kmail remote code execution. This issue will be adressed in following advisories. - pgp4pine bufferoverflow. Very unlikely to be exploited, but next advisories will contain information on this as well as URL's for patches. ______________________________________________________________________________
3) standard appendix:
SuSE runs two security mailing lists to which any interested party may subscribe:
suse-security@suse.com - general/linux/SuSE security discussion. All SuSE security announcements are sent to this list. To subscribe, send an email to <suse-security-subscribe@suse.com>.
suse-security-announce@suse.com - SuSE's announce-only mailing list. Only SuSE's security annoucements are sent to this list. To subscribe, send an email to <suse-security-announce-subscribe@suse.com>.
For general information or the frequently asked questions (faq) send mail to: <suse-security-info@suse.com> or <suse-security-faq@suse.com> respectively.
=============================================== SuSE's security contact is <security@suse.com>. ===============================================
Regards, Sebastian Krahmer
______________________________________________________________________________
The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. SuSE GmbH makes no warranties of any kind whatsoever with respect to the information contained in this security advisory.
Type Bits/KeyID Date User ID pub 2048/3D25D3D9 1999/03/06 SuSE Security Team <security@suse.de>
-----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.3i
mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12Cg== =pIeS -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv
iQEVAwUBOnLxI3ey5gA9JdPZAQGh/Qf+MoBq8Ys7ANMtnSg9mKVLxA7HXSM5DPVP lM4zFFJwyU8b/DBNfEHYPwDwNeAxeHtjMbpYbWt2zos2dVsz9caFOZznBRjM9hlF AhGMzXjTus+qfVoothlsMfVGvV3xOqbbIjdiUZChiULe8/Bm+YDmD2y9fkquxD+Z dmoY9yOaQ2bSjT8a1Gyin04Jew/uFyAroNmaAn1XDPGqXPq9EIXJz8gWigqDLwe+ Qfcizp9picMLnfEipGtCARP2/my53hp+2JwGy78E+lf7EZrhq0wlJ5nELQUdvYyA Y6aOEVq349q6Q5QeMF9ABfpyKPbmUXwkzzXTtMwdmYKoKtu6cUEThQ== =YAhD -----END PGP SIGNATURE-----
-- To unsubscribe, e-mail: suse-security-announce-unsubscribe@suse.com For additional commands, e-mail: suse-security-announce-help@suse.com
|
|
|
|