Alerts This Week
Warning Icon 1 687
Alerts This Week
Warning Icon 1 687

Ubuntu 10.10 USN-959-2 Critical PAM Privilege Escalation Advisory

Calendar Oct 25, 2010 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory security issue critical privilege escalation ubuntu pam
USN-959-1 fixed vulnerabilities in PAM. This update provides thecorresponding updates for Ubuntu 10.10. 
==========================================================Ubuntu Security Notice USN-959-2           October 25, 2010
pam vulnerability
CVE-2010-0832
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 10.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 10.10:
  libpam-modules                  1.1.1-4ubuntu2

In general, a standard system update will make all the necessary changes.

Details follow:

USN-959-1 fixed vulnerabilities in PAM. This update provides the
corresponding updates for Ubuntu 10.10.

Original advisory details:

 Denis Excoffier discovered that the PAM MOTD module in Ubuntu did
 not correctly handle path permissions when creating user file stamps.
 A local attacker could exploit this to gain root privilieges.


Updated packages for Ubuntu 10.10:

  Source archives:

          Size/MD5:   256311 70ceb0ea3e0aea771cb0ee4d20159302
          Size/MD5:     1636 8b0a9a5576629cdc16a07fb6221555d1
          Size/MD5:  1799415 b4838d787dd9b046a4d6992e18b6ffac

  Architecture independent packages:

          Size/MD5:   284250 ee51d0d5117e8005bd96d365160ab8fc
          Size/MD5:    85274 65b297ca5b321eef1b76c05b7e15da01

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:    56638 2058636a296f011ee82fb1085bcf98a0
          Size/MD5:   347314 d5f3e4cf08b35bf1c4772d0e17df9787
          Size/MD5:   158630 5b55c802a6e55ad7de7dca34853cadf5
          Size/MD5:    94660 a3f147932dc1c9dc7c0fff522bc7f7cd

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:    56300 6ebc733abee6253e70f7862b8c8deead
          Size/MD5:   323066 799c517fe7928f1afbf2b440c87e23c3
          Size/MD5:   152140 5fef5190dfed92ca9c30e11723d7dd09
          Size/MD5:    91718 498d37554ea0e6327aa91c6a7fb7e2ca

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:    56864 c4a0ce26fa71db14be87e8bd72a0b993
          Size/MD5:   343926 d00027f03fa3506e2c7433da8bf60e3a
          Size/MD5:   157816 654f538026e76baea9b670d323eb9680
          Size/MD5:    95076 7056a91e001172a2e143b138c7bf60d2

Ubuntu 10.10 USN-959-2 Critical PAM Privilege Escalation Advisory

ubuntu
Calendar Grey October 25, 2010
Dist Ubuntu Esm H88
Revise USN-959-3 to resolve PAM security flaws in Ubuntu 10.10, focusing on urgent threat mitigations.
USN-959-1 fixed vulnerabilities in PAM

Summary

Topics%20covered

Topics Covered

security advisory security issue critical privilege escalation ubuntu pam

Update Instructions

References

Severity
critical
Lowest
Low
Medium
High
Critical

pam vulnerability

Topics%20covered

Topics Covered

security advisory security issue critical privilege escalation ubuntu pam

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here