Message-ID: <20060705222942.GC23928@box79162.elkhouse.de>
Date: Wed Jul  5 23:31:00 2006
From: martin.pitt at canonical.com (Martin Pitt)
Subject: [USN-310-1] ppp vulnerability

=========================================================== 
Ubuntu Security Notice USN-310-1              July 05, 2006
ppp vulnerability
CVE-2006-2194
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 5.10
Ubuntu 6.06 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.10:
  ppp                            2.4.3-20050321+2ubuntu1.1
  ppp-dev                        2.4.3-20050321+2ubuntu1.1
  ppp-udeb                       2.4.3-20050321+2ubuntu1.1

Ubuntu 6.06 LTS:
  ppp                            2.4.4b1-1ubuntu3.1
  ppp-dev                        2.4.4b1-1ubuntu3.1
  ppp-udeb                       2.4.4b1-1ubuntu3.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Marcus Meissner discovered that the winbind plugin of pppd does not
check the result of the setuid() call. On systems that configure PAM
limits for the maximum number of user processes and enable the winbind
plugin, a local attacker could exploit this to execute the winbind
NTLM authentication helper as root. Depending on the local winbind
configuration, this could potentially lead to privilege escalation.
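
The unchecked setuid() pattern described above, next to a checked form, as an added example (not pppd source and not the Ubuntu patch). The function names, the uid/gid values and the stub calls are hypothetical; the stubs simulate a failing setuid() so the error path runs without root.

```c
/* Added example (not pppd source): unchecked vs. checked privilege drop. */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* The set*id calls are injected so the failure path runs without root.
 * Production code passes the real setgid() and setuid(). */
typedef int (*setgid_fn)(gid_t);
typedef int (*setuid_fn)(uid_t);

/* Constructed stubs: one simulates setuid() failing, two succeed. */
static int fail_uid(uid_t u) { (void)u; errno = EAGAIN; return -1; }
static int ok_uid(uid_t u)   { (void)u; return 0; }
static int ok_gid(gid_t g)   { (void)g; return 0; }

/* Flawed pattern: the result of setuid() is discarded, so the caller is
 * told to run the helper even when the process never left root.
 * Returns 1 when the caller may exec the helper. */
static int drop_unchecked(uid_t uid, setuid_fn su)
{
    (void)su(uid);
    return 1;
}

/* Hardened pattern: drop the group first (it cannot be changed once the
 * uid is unprivileged), check every result, refuse to continue on error. */
static int drop_checked(uid_t uid, gid_t gid, setgid_fn sg, setuid_fn su)
{
    if (sg(gid) != 0) {
        fprintf(stderr, "setgid failed: %s\n", strerror(errno));
        return 0;
    }
    if (su(uid) != 0) {
        fprintf(stderr, "setuid failed: %s\n", strerror(errno));
        return 0;
    }
    return 1;
}

int main(void)
{
    uid_t uid = 1000; gid_t gid = 1000;   /* hypothetical unprivileged ids */
    printf("unchecked, setuid fails: exec=%d\n", drop_unchecked(uid, fail_uid));
    printf("checked,   setuid fails: exec=%d\n", drop_checked(uid, gid, ok_gid, fail_uid));
    printf("checked,   setuid works: exec=%d\n", drop_checked(uid, gid, ok_gid, ok_uid));
    return 0;
}
```

In a forked child that is about to exec a helper, a return of 0 from the checked form should lead straight to _exit() rather than to the exec call.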


Updated packages for Ubuntu 5.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/p/ppp/ppp_2.4.3-20050321+2ubuntu1.1.diff.gz
      Size/MD5:    84735 b936bb967b2bf26bb8e894b52b56f567
    http://security.ubuntu.com/ubuntu/pool/main/p/ppp/ppp_2.4.3-20050321+2ubuntu1.1.dsc
      Size/MD5:      639 6fa315e3b2b44a005b1884f8e1d84838
    http://security.ubuntu.com/ubuntu/pool/main/p/ppp/ppp_2.4.3.orig.tar.gz
      Size/MD5:   697459 0537b03fb51cbb847290abdbb765cb93

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/p/ppp/ppp-dev_2.4.3-20050321+2ubuntu1.1_all.deb
      Size/MD5:    33168 6a580e1ea142bee104cddd5593ee5bc5

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/p/ppp/ppp-udeb_2.4.3-20050321+2ubuntu1.1_amd64.udeb
      Size/MD5:   112486 498b0a9fea2370c8f0419ef14016d499
    http://security.ubuntu.com/ubuntu/pool/main/p/ppp/ppp_2.4.3-20050321+2ubuntu1.1_amd64.deb
      Size/MD5:   349850 35c4edac3178de4ed6ee4a623b97e8bc

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/p/ppp/ppp-udeb_2.4.3-20050321+2ubuntu1.1_i386.udeb
      Size/MD5:    97874 5d1663cab583200aa383f63756166351
    http://security.ubuntu.com/ubuntu/pool/main/p/ppp/ppp_2.4.3-20050321+2ubuntu1.1_i386.deb
      Size/MD5:   321080 134ca18479227697f4dc4d4276126141

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/p/ppp/ppp-udeb_2.4.3-20050321+2ubuntu1.1_powerpc.udeb
      Size/MD5:   108914 6bcb2e66fb0473fe915239f472b3fa9c
    http://security.ubuntu.com/ubuntu/pool/main/p/ppp/ppp_2.4.3-20050321+2ubuntu1.1_powerpc.deb
      Size/MD5:   353924 5d79faafa8d39f06bbe73783cfb23db1

  sparc architecture (Sun SPARC/UltraSPARC)

    http://security.ubuntu.com/ubuntu/pool/main/p/ppp/ppp-udeb_2.4.3-20050321+2ubuntu1.1_sparc.udeb
      Size/MD5:   104752 fc65ef96139e0bd2979f66242f6dfe77
    http://security.ubuntu.com/ubuntu/pool/main/p/ppp/ppp_2.4.3-20050321+2ubuntu1.1_sparc.deb
      Size/MD5:   330712 040cf743a30e66034a10b8b66f6a30d1

Updated packages for Ubuntu 6.06 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/p/ppp/ppp_2.4.4b1-1ubuntu3.1.diff.gz
      Size/MD5:    95380 960ab46e30e78b50eb793e6f00be5823
    http://security.ubuntu.com/ubuntu/pool/main/p/ppp/ppp_2.4.4b1-1ubuntu3.1.dsc
      Size/MD5:      629 8a2a372fa53360752970fbd3340cc419
    http://security.ubuntu.com/ubuntu/pool/main/p/ppp/ppp_2.4.4b1.orig.tar.gz
      Size/MD5:   688912 7b08b62bcf99f1c7818fc5a622293f4c

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/p/ppp/ppp-dev_2.4.4b1-1ubuntu3.1_all.deb
      Size/MD5:    46294 3f2cc28495b02b0976d347bdff4e5a45

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/p/ppp/ppp-udeb_2.4.4b1-1ubuntu3.1_amd64.udeb
      Size/MD5:   112360 7e5d4ead7131dc1b1dfb317e69356c2e
    http://security.ubuntu.com/ubuntu/pool/main/p/ppp/ppp_2.4.4b1-1ubuntu3.1_amd64.deb
      Size/MD5:   351104 bd3155b620f2b9c4788633c84cfcb0d1

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/p/ppp/ppp-udeb_2.4.4b1-1ubuntu3.1_i386.udeb
      Size/MD5:    97278 a1635198ecb4b5ece2a3bdd147aa15bf
    http://security.ubuntu.com/ubuntu/pool/main/p/ppp/ppp_2.4.4b1-1ubuntu3.1_i386.deb
      Size/MD5:   321536 a7c6a20067db8e81d8f6115f7d8d6fda

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/p/ppp/ppp-udeb_2.4.4b1-1ubuntu3.1_powerpc.udeb
      Size/MD5:   108676 4d0ea9a15f26f072579649a63b9a7d9b
    http://security.ubuntu.com/ubuntu/pool/main/p/ppp/ppp_2.4.4b1-1ubuntu3.1_powerpc.deb
      Size/MD5:   355236 be6f4d51fb7e7ababa47bdfded4c3017

  sparc architecture (Sun SPARC/UltraSPARC)

    http://security.ubuntu.com/ubuntu/pool/main/p/ppp/ppp-udeb_2.4.4b1-1ubuntu3.1_sparc.udeb
      Size/MD5:   105096 5b63ea053b50bdfd166366e35a5dde1c
    http://security.ubuntu.com/ubuntu/pool/main/p/ppp/ppp_2.4.4b1-1ubuntu3.1_sparc.deb
      Size/MD5:   330520 5aff30484a738f2697086c184da2eb31
