Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Red Hat Linux 6.x RHSA-2000:044-02 Critical: Remote Access Issue

Calendar Jul 22, 2000 User Avatar LinuxSecurity Advisories
2 - 3 min read
Redhat Large Esm H500
Topics%20covered

Topics Covered

security advisory Red Hat critical Remote Access pam packages console access
Workstations running a display manager may potentially allow remote users to access console devices. ` 
---------------------------------------------------------------------
                   Red Hat, Inc. Security Advisory

Synopsis:          Updated PAM packages are available.
Advisory ID:       RHSA-2000:044-02
Issue date:        2000-07-21
Updated on:        2000-07-21
Product:           Red Hat Linux
Keywords:          N/A
Cross references:  N/A
---------------------------------------------------------------------

1. Topic:

Updated pam packages are available for Red Hat Linux 6.x.
These packages fix a bug that would potentially allow
remote users to access console devices and shut down the
workstation if the workstation is running a display manager
(xdm, gdm, kdm, etc.) with XDMCP enabled.

2. Relevant releases/architectures:

Red Hat Linux 6.0 - i386, alpha, sparc
Red Hat Linux 6.1 - i386, alpha, sparc
Red Hat Linux 6.2 - i386, alpha, sparc

3. Problem description:

If a workstation is configured to use a display manager (xdm,
gdm, kdm, etc.) AND has XDMCP enabled, it is possible for a user
who logs in remotely to use Xnest -query to log in on display
:1, which is recognized as the system console.

This is the documented behavior for Red Hat Linux 6.0, 6.1, and
6.2.  This update disables this feature by default.  Users of Red
Hat Linux 5.x are not affected because the pam_console.so module
was not included in releases prior to 6.0.

4. Solution:

For each RPM for your particular architecture, run:

rpm -Fvh [filename]

where filename is the name of the RPM.

5. Bug IDs fixed  ( for more info):

11165 - Gnome panel, ssh can allow remote non-root users to halt,reboot
12417 - man pages not installed properly in pam
12430 - /sbin/{pwdb,unix}_chkpwd not stripped


6. RPMs required:

Red Hat Linux 6.2:

sparc: 

alpha: 

i386: 

sources: 

7. Verification:

MD5 sum                           Package Name
--------------------------------------------------------------------------
1e0f9bd6ac389b40c90daba918c419eb  6.2/SRPMS/pam-0.72-20.src.rpm
8834754c1b0fd31ac4fa8f3e54bb7444  6.2/alpha/pam-0.72-20.alpha.rpm
b0376fbeb5fa31b1ac118b1831185959  6.2/i386/pam-0.72-20.i386.rpm
be592c19f8742f9dca85d6ef19cbfb80  6.2/sparc/pam-0.72-20.sparc.rpm

These packages are GPG signed by Red Hat, Inc. for security.  Our key
is available at:
     
You can verify each package with the following command:
    rpm --checksig  

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
    rpm --checksig --nogpg 

8. References:

N/A


Copyright(c) 2000 Red Hat, Inc.
`

Red Hat Linux 6.x RHSA-2000:044-02 Critical: Remote Access Issue

red hat
Calendar Grey July 22, 2000
Dist Redhat Esm H88
PAM packages update mitigates critical remote access risk. Advisory ID: RHSA-2000:044-02 with remote console issue.
Workstations running a display manager may potentially allow remote users to access console devices.

Solution

For each RPM for your particular architecture, run:

rpm -Fvh [filename]

where filename is the name of the RPM.

5. Bug IDs fixed ( for more info):

11165 - Gnome panel, ssh can allow remote non-root users to halt,reboot 12417 - man pages not installed properly in pam 12430 - /sbin/{pwdb,unix}_chkpwd not stripped


6. RPMs required:

Red Hat Linux 6.2:

sparc:

alpha:

i386:

sources:

7. Verification:

MD5 sum Package Name 1e0f9bd6ac389b40c90daba918c419eb 6.2/SRPMS/pam-0.72-20.src.rpm 8834754c1b0fd31ac4fa8f3e54bb7444 6.2/alpha/pam-0.72-20.alpha.rpm b0376fbeb5fa31b1ac118b1831185959 6.2/i386/pam-0.72-20.i386.rpm be592c19f8742f9dca85d6ef19cbfb80 6.2/sparc/pam-0.72-20.sparc.rpm

These packages are GPG signed by Red Hat, Inc. for security. Our key is available at:

You can verify each package with the following command: rpm --checksig

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg

Summary

Topics%20covered

Topics Covered

security advisory Red Hat critical Remote Access pam packages console access

References

N/A Copyright(c) 2000 Red Hat, Inc. `

Package List


Severity
critical
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2000:044-02
Issue date: 2000-07-21
Updated on: 2000-07-21
Product: Red Hat Linux
Keywords: N/A
Cross references: N/A

Topic

Topics%20covered

Topics Covered

security advisory Red Hat critical Remote Access pam packages console access

Relevant Releases Architectures

Red Hat Linux 6.0 - i386, alpha, sparc

Red Hat Linux 6.1 - i386, alpha, sparc

Red Hat Linux 6.2 - i386, alpha, sparc

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here