Date: 21 January 2009
Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2008.1144 -- [Linux][Ubuntu]
shadow vulnerability
22 January 2009
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: shadow
Publisher: Ubuntu
Operating System: Ubuntu
Linux variants
Impact: Root Compromise
Modify Arbitrary Files
Access: Existing Account
CVE Names: CVE-2008-5394
Original Bulletin: http://www.ubuntu.com/usn/usn-695-1
Comment: This advisory references vulnerabilities in products which run on
platforms other than Ubuntu. It is recommended that administrators
running shadow check for an updated version of the software for
their operating system.
Revision History: January 22 2009: Added CVE
December 19 2008: Initial Release
- --------------------------BEGIN INCLUDED TEXT--------------------
===========================================================
Ubuntu Security Notice USN-695-1 December 18, 2008
shadow vulnerability
https://launchpad.net/bugs/306082
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 7.10
Ubuntu 8.04 LTS
Ubuntu 8.10
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
login 1:4.0.13-7ubuntu3.4
Ubuntu 7.10:
login 1:4.0.18.1-9ubuntu0.2
Ubuntu 8.04 LTS:
login 1:4.0.18.2-1ubuntu2.2
Ubuntu 8.10:
login 1:4.1.1-1ubuntu1.2
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
Paul Szabo discovered a race condition in login. While setting up
tty permissions, login did not correctly handle symlinks. If a local
attacker were able to gain control of the system utmp file, they could
cause login to change the ownership and permissions on arbitrary files,
leading to a root privilege escalation.
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/shadow_4.0.13-7ubuntu3.4.diff.gz
Size/MD5: 205508 177620b33b720ce87d522259acbdbe0c
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/shadow_4.0.13-7ubuntu3.4.dsc
Size/MD5: 931 673a51cff0b63fd347c79c9545ea0fe4
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/shadow_4.0.13.orig.tar.gz
Size/MD5: 1622557 034fab52e187e63cb52f153bb7f304c8
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/login_4.0.13-7ubuntu3.4_amd64.deb
Size/MD5: 249668 c5c19a139a5fe912d19076866078c6e0
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/passwd_4.0.13-7ubuntu3.4_amd64.deb
Size/MD5: 683786 f2ef6413b8c60d9b6a586599fe2e8b1e
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/login_4.0.13-7ubuntu3.4_i386.deb
Size/MD5: 241052 31d9c29d22a4a01a8de1a629d4797165
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/passwd_4.0.13-7ubuntu3.4_i386.deb
Size/MD5: 616702 e2237b8c7b6f8ec8d685caa31a2f58ab
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/login_4.0.13-7ubuntu3.4_powerpc.deb
Size/MD5: 251530 f8d7a2e2ba0ac5eeaae53d37a9d99049
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/passwd_4.0.13-7ubuntu3.4_powerpc.deb
Size/MD5: 665414 4d377d684bc618ca3c7e20521ea03a4e
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/login_4.0.13-7ubuntu3.4_sparc.deb
Size/MD5: 240128 8a61b5741da03dbf64f97796461a7c5e
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/passwd_4.0.13-7ubuntu3.4_sparc.deb
Size/MD5: 620410 b3c418caa6b787c682df86bc965613db
Updated packages for Ubuntu 7.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/shadow_4.0.18.1-9ubuntu0.2.diff.gz
Size/MD5: 147849 23e5cd2a20460c6083d4e99afd93bb1b
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/shadow_4.0.18.1-9ubuntu0.2.dsc
Size/MD5: 1199 c86a0638f6f64d4214f212ff0381a86d
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/shadow_4.0.18.1.orig.tar.gz
Size/MD5: 2354234 3f54eaa3a35e7c559f4def92e9957581
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/login_4.0.18.1-9ubuntu0.2_amd64.deb
Size/MD5: 327468 c80b850497e00c01d8ad3817e8e7c9ad
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/passwd_4.0.18.1-9ubuntu0.2_amd64.deb
Size/MD5: 795952 e72d9d7ad5ca2f5f79085320d27881cd
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/login_4.0.18.1-9ubuntu0.2_i386.deb
Size/MD5: 320296 b1e64e3bd6f567babba9b0ffed18b023
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/passwd_4.0.18.1-9ubuntu0.2_i386.deb
Size/MD5: 716214 5d1ce7904c45af4807721bcccf89049c
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/s/shadow/login_4.0.18.1-9ubuntu0.2_lpia.deb
Size/MD5: 317166 9de8c0a5c50fa7a2fda13391fc01a964
http://ports.ubuntu.com/pool/main/s/shadow/passwd_4.0.18.1-9ubuntu0.2_lpia.deb
Size/MD5: 709846 09a444f189c84cc2a705150a2a19a315
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/login_4.0.18.1-9ubuntu0.2_powerpc.deb
Size/MD5: 328522 8b789214c1bad2adeb6d6cac6d144328
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/passwd_4.0.18.1-9ubuntu0.2_powerpc.deb
Size/MD5: 875102 b826c09b6c350f042d806d08d6938985
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/login_4.0.18.1-9ubuntu0.2_sparc.deb
Size/MD5: 322280 3f261d57f53586f41dbf24ccb763e271
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/passwd_4.0.18.1-9ubuntu0.2_sparc.deb
Size/MD5: 725368 1938c47ed00d6c61f7f894007913fb1d
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/shadow_4.0.18.2-1ubuntu2.2.diff.gz
Size/MD5: 92077 51723ec03a188d4555432ef40b5a268c
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/shadow_4.0.18.2-1ubuntu2.2.dsc
Size/MD5: 1198 14aabe595aa640566e039ce5d7b88609
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/shadow_4.0.18.2.orig.tar.gz
Size/MD5: 2501791 c3cf8814cc1323ecafd953b00efcba50
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/login_4.0.18.2-1ubuntu2.2_amd64.deb
Size/MD5: 261606 38e45bdb1fde3a86340c9a59c784fca5
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/passwd_4.0.18.2-1ubuntu2.2_amd64.deb
Size/MD5: 645358 62f105961813e116e39ed72598f14cce
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/login_4.0.18.2-1ubuntu2.2_i386.deb
Size/MD5: 254994 aa4ba870bfa429cdf0daa536cf812b48
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/passwd_4.0.18.2-1ubuntu2.2_i386.deb
Size/MD5: 566224 78cf449b34cdc469d6160744b0760580
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/s/shadow/login_4.0.18.2-1ubuntu2.2_lpia.deb
Size/MD5: 253888 1361c82d9160b2363498b29970c3097c
http://ports.ubuntu.com/pool/main/s/shadow/passwd_4.0.18.2-1ubuntu2.2_lpia.deb
Size/MD5: 565516 1b1eb3a66c5affac3aa2d3e8d05a1dca
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/s/shadow/login_4.0.18.2-1ubuntu2.2_powerpc.deb
Size/MD5: 263192 72ffd5db9593977853411bae2d18a0de
http://ports.ubuntu.com/pool/main/s/shadow/passwd_4.0.18.2-1ubuntu2.2_powerpc.deb
Size/MD5: 716834 cffc739a0973e3b3734230b54859df7e
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/s/shadow/login_4.0.18.2-1ubuntu2.2_sparc.deb
Size/MD5: 257810 bbdf85235702fadafa9b37f00b1efbc9
http://ports.ubuntu.com/pool/main/s/shadow/passwd_4.0.18.2-1ubuntu2.2_sparc.deb
Size/MD5: 576152 83b0c027aa795de013f6871eeff98e4a
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/shadow_4.1.1-1ubuntu1.2.diff.gz
Size/MD5: 77622 dabd096ca5702a135a5acd3a0880c531
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/shadow_4.1.1-1ubuntu1.2.dsc
Size/MD5: 1702 9053a1d80e62094f26ec59faaca35b62
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/shadow_4.1.1.orig.tar.gz
Size/MD5: 2720267 ae893c18fdb0a89bc7991ba1098f1446
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/login_4.1.1-1ubuntu1.2_amd64.deb
Size/MD5: 308248 711dcfbd810768ad4d79fb1e79ce5381
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/passwd_4.1.1-1ubuntu1.2_amd64.deb
Size/MD5: 884738 5f5c5e103b3778fd71bc0bce34812f9c
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/login_4.1.1-1ubuntu1.2_i386.deb
Size/MD5: 300116 6054891c2fa6696a988c60afe210a6b7
http://security.ubuntu.com/ubuntu/pool/main/s/shadow/passwd_4.1.1-1ubuntu1.2_i386.deb
Size/MD5: 786698 6c2388896a74626a1345fb8145ca435f
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/s/shadow/login_4.1.1-1ubuntu1.2_lpia.deb
Size/MD5: 299906 5ccff11dc0ff9f9d81178f202825b21e
http://ports.ubuntu.com/pool/main/s/shadow/passwd_4.1.1-1ubuntu1.2_lpia.deb
Size/MD5: 786080 936aaf3bfdeb2aa5f20bc5b3b7e61eb5
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/s/shadow/login_4.1.1-1ubuntu1.2_powerpc.deb
Size/MD5: 305770 847b80b6b2c38b24f2063dcd18a27514
http://ports.ubuntu.com/pool/main/s/shadow/passwd_4.1.1-1ubuntu1.2_powerpc.deb
Size/MD5: 901244 4723c45886c8b85e9a4c3ca0d7855642
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/s/shadow/login_4.1.1-1ubuntu1.2_sparc.deb
Size/MD5: 303600 1c344fe84a0ea1c02b1537bb9b80d069
http://ports.ubuntu.com/pool/main/s/shadow/passwd_4.1.1-1ubuntu1.2_sparc.deb
Size/MD5: 813906 072f654264098e9ca0058e3362e6f4ee
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBSXfCvSh9+71yA2DNAQLTiwQAmCu9w0Q1HJsMgHYoe2wbUaTUelZiXVm1
dAiYG9DJQVrR1uz2ml/BBzCjCqrrECNycHBOX22IJAXi067w1cSAJRSun/5OxtL5
8A+lfKSd06lmLBh+Koqa+fE2lvfZ1N7Fo7Nb8wT0wf0SfzXkmiz+BXFPTe/pHIOg
6OYat1Ib1FY=
=UXJr
-----END PGP SIGNATURE-----
|