lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Fri Jun  9 11:46:28 2006
From: martin.pitt at canonical.com (Martin Pitt)
Subject: [USN-293-1] gdm vulnerability

=========================================================== 
Ubuntu Security Notice USN-293-1              June 09, 2006
gdm vulnerability
CVE-2006-2452
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 5.10
Ubuntu 6.06 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.10:
  gdm                            2.8.0.5-0ubuntu1.2

Ubuntu 6.06 LTS:
  gdm                            2.14.6-0ubuntu2.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

If the admin configured a gdm theme that provided an user list, any
user could activate the gdm setup program by first choosing the setup
option from the menu, clicking on the user list and entering his own
(instead of root's) password. This allowed normal users to configure
potentially dangerous features like remote or automatic login.

Please note that this does not affect a default Ubuntu installation,
since the default theme does not provide an user list. In Ubuntu 6.06
you additionally have to have the "ConfigAvailable" setting enabled in
gdm.conf to be vulnerable (it is disabled by default).

Ubuntu 5.04 is not affected by this flaw.


Updated packages for Ubuntu 5.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/g/gdm/gdm_2.8.0.5-0ubuntu1.2.diff.gz
      Size/MD5:    67128 33be1f0d249e20f26a71853429faecef
    http://security.ubuntu.com/ubuntu/pool/main/g/gdm/gdm_2.8.0.5-0ubuntu1.2.dsc
      Size/MD5:      820 a27629124864eceb8b7bde6d3bc5fce9
    http://security.ubuntu.com/ubuntu/pool/main/g/gdm/gdm_2.8.0.5.orig.tar.gz
      Size/MD5:  4226618 349b76492113ab814f2732d4ce3a49c2

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/g/gdm/gdm_2.8.0.5-0ubuntu1.2_amd64.deb
      Size/MD5:  1618282 de5b62fce24232a5f46c930cd719740d

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/g/gdm/gdm_2.8.0.5-0ubuntu1.2_i386.deb
      Size/MD5:  1559904 34f918ecf92c03d0ab4befa70d735670

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/g/gdm/gdm_2.8.0.5-0ubuntu1.2_powerpc.deb
      Size/MD5:  1571650 2a8967304c094d4a0e79a0c9018fff4d

Updated packages for Ubuntu 6.06 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/g/gdm/gdm_2.14.6-0ubuntu2.1.diff.gz
      Size/MD5:    75736 c0235a8f490d5b383b07365d7643da5e
    http://security.ubuntu.com/ubuntu/pool/main/g/gdm/gdm_2.14.6-0ubuntu2.1.dsc
      Size/MD5:      885 670690837f6ee2692adfea92d71dd901
    http://security.ubuntu.com/ubuntu/pool/main/g/gdm/gdm_2.14.6.orig.tar.gz
      Size/MD5:  4681313 6e0e99eb405a9a8e04ff81122723aae5

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/g/gdm/gdm_2.14.6-0ubuntu2.1_amd64.deb
      Size/MD5:  1779088 d9c3c3cf9c4aebe8f797fafbd8f8e135

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/g/gdm/gdm_2.14.6-0ubuntu2.1_i386.deb
      Size/MD5:  1714272 78f75e07fc5950e5f61c80ca0188ebaf

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/g/gdm/gdm_2.14.6-0ubuntu2.1_powerpc.deb
      Size/MD5:  1762968 38d342e8408ad7cd6c613b8aa82e6458

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: Digital signature
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060609/80f905e2/attachment.bin

Powered by blists - more mailing lists