Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Red Hat: RHSA-2007:0244-02 Low: BusyBox Password Security Issue

red hat
Calendar Grey May 1, 2007
Dist Redhat Esm H88
Debian releases security patches for OpenSSH to address vulnerabilities. Implement these updates to strengthen server defenses.
Updated busybox packages that fix a security issue are now available. BusyBox did not use a salt when generating passwords

Solution

Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:

https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/10

5. Bug IDs fixed (http://bugzilla.redhat.com/):

187385 - CVE-2006-1058 BusyBox passwd command fails to generate password with salt

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS: ea2688de7955de4405bfc008b05378c3 busybox-1.00.rc1-7.el4.src.rpm

i386: 0c75c06c661fa74ae832fcc4a7153ab8 busybox-1.00.rc1-7.el4.i386.rpm daf7431daa3182f804f1b894dadab07f busybox-anaconda-1.00.rc1-7.el4.i386.rpm 0461ac0f9559603d5d63b3f3caddf5d9 busybox-debuginfo-1.00.rc1-7.el4.i386.rpm

ia64: 18a46f64c36e642650a9ebb363b54b0e busybox-1.00.rc1-7.el4.ia64.rpm 3b590129989305b1c24a1de53c7ae08d busybox-anaconda-1.00.rc1-7.el4.ia64.rpm ba4c2058d9fc7bb310639ede4d89c581 busybox-debuginfo-1.00.rc1-7.el4.ia64.rpm

ppc: fc6013011a2d944a442901c8a0de1400 busybox-1.00.rc1-7.el4.ppc.rpm db566bb18a8f8e94867a72ca6b0fcffe busybox-anaconda-1.00.rc1-7.el4.ppc.rpm c173d1da417e684ecee543c6705839c8 busybox-debuginfo-1.00.rc1-7.el4.ppc.rpm

s390: 11d4fee314ba2cd27668ac83c3578d60 busybox-1.00.rc1-7.el4.s390.rpm 512b3cebe22667f0302529ab275f385e busybox-anaconda-1.00.rc1-7.el4.s390.rpm 0202d2b541d01c7bccfa37bd631700b5 busybox-debuginfo-1.00.rc1-7.el4.s390.rpm

s390x: 411da7f089bd7137bc8e87e16433873b busybox-1.00.rc1-7.el4.s390x.rpm 955f8e60ee02fbf5006990ed3ce8320c busybox-anaconda-1.00.rc1-7.el4.s390x.rpm c33265d15a9affb07f42563de1748640 busybox-debuginfo-1.00.rc1-7.el4.s390x.rpm

x86_64: e5a89cfec326d1a3ad4b20c0c2c491b6 busybox-1.00.rc1-7.el4.x86_64.rpm b43c019639dff4050734fb850aecdd1e busybox-anaconda-1.00.rc1-7.el4.x86_64.rpm 15cfbd33e8f4778569d3dbeb775c8303 busybox-debuginfo-1.00.rc1-7.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS: ea2688de7955de4405bfc008b05378c3 busybox-1.00.rc1-7.el4.src.rpm

i386: 0c75c06c661fa74ae832fcc4a7153ab8 busybox-1.00.rc1-7.el4.i386.rpm daf7431daa3182f804f1b894dadab07f busybox-anaconda-1.00.rc1-7.el4.i386.rpm 0461ac0f9559603d5d63b3f3caddf5d9 busybox-debuginfo-1.00.rc1-7.el4.i386.rpm

x86_64: e5a89cfec326d1a3ad4b20c0c2c491b6 busybox-1.00.rc1-7.el4.x86_64.rpm b43c019639dff4050734fb850aecdd1e busybox-anaconda-1.00.rc1-7.el4.x86_64.rpm 15cfbd33e8f4778569d3dbeb775c8303 busybox-debuginfo-1.00.rc1-7.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS: ea2688de7955de4405bfc008b05378c3 busybox-1.00.rc1-7.el4.src.rpm

i386: 0c75c06c661fa74ae832fcc4a7153ab8 busybox-1.00.rc1-7.el4.i386.rpm daf7431daa3182f804f1b894dadab07f busybox-anaconda-1.00.rc1-7.el4.i386.rpm 0461ac0f9559603d5d63b3f3caddf5d9 busybox-debuginfo-1.00.rc1-7.el4.i386.rpm

ia64: 18a46f64c36e642650a9ebb363b54b0e busybox-1.00.rc1-7.el4.ia64.rpm 3b590129989305b1c24a1de53c7ae08d busybox-anaconda-1.00.rc1-7.el4.ia64.rpm ba4c2058d9fc7bb310639ede4d89c581 busybox-debuginfo-1.00.rc1-7.el4.ia64.rpm

x86_64: e5a89cfec326d1a3ad4b20c0c2c491b6 busybox-1.00.rc1-7.el4.x86_64.rpm b43c019639dff4050734fb850aecdd1e busybox-anaconda-1.00.rc1-7.el4.x86_64.rpm 15cfbd33e8f4778569d3dbeb775c8303 busybox-debuginfo-1.00.rc1-7.el4.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS: ea2688de7955de4405bfc008b05378c3 busybox-1.00.rc1-7.el4.src.rpm

i386: 0c75c06c661fa74ae832fcc4a7153ab8 busybox-1.00.rc1-7.el4.i386.rpm daf7431daa3182f804f1b894dadab07f busybox-anaconda-1.00.rc1-7.el4.i386.rpm 0461ac0f9559603d5d63b3f3caddf5d9 busybox-debuginfo-1.00.rc1-7.el4.i386.rpm

ia64: 18a46f64c36e642650a9ebb363b54b0e busybox-1.00.rc1-7.el4.ia64.rpm 3b590129989305b1c24a1de53c7ae08d busybox-anaconda-1.00.rc1-7.el4.ia64.rpm ba4c2058d9fc7bb310639ede4d89c581 busybox-debuginfo-1.00.rc1-7.el4.ia64.rpm

x86_64: e5a89cfec326d1a3ad4b20c0c2c491b6 busybox-1.00.rc1-7.el4.x86_64.rpm b43c019639dff4050734fb850aecdd1e busybox-anaconda-1.00.rc1-7.el4.x86_64.rpm 15cfbd33e8f4778569d3dbeb775c8303 busybox-debuginfo-1.00.rc1-7.el4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

Summary

References

https://www.cve.org/CVERecord?id=CVE-2006-1058 https://access.redhat.com/security/updates/classification#low

Package List


Severity
low
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2007:0244-02
Issue date: 2007-05-01
Updated on: 2007-05-01
Product: Red Hat Enterprise Linux
Keywords: passwd password salt

Topic

Relevant Releases Architectures

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64

Red Hat Enterprise Linux Desktop version 4 - i386, x86_64

Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64

Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here