Debian Linux PAM Authentication Bypass Vulnerability

admin 2022-07-22 09:53:14 CNNVD Vulnerabilities Source: ZONE.CI Global Network

Vulnerability Details

  • CNNVD ID: CNNVD-200210-310
  • Severity: Medium
  • CVE ID: CVE-2002-1227
  • Vulnerability type: Access validation error
  • Published: 2002-10-28
  • Threat type: Remote
  • Updated: 2005-09-14
  • Vendor: pam
  • Source: Paul Aurich Samuel...

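Description

Linux PAM can be used to restrict user access and resources. The Debian Linux PAM authentication mechanism contains a vulnerability that allows a remote attacker to access the system without a password. PAM version 0.76 treats a "locked" password (a password field of '*' in the password file) as an empty password, so the system can be accessed through the normal login process. A remote attacker can use any account whose password field in the password file is '*' and whose shell is not /bin/false to access the restricted system.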
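
An audit for the condition described above (password field '*' and a shell other than /bin/false), as an added example that is not part of the CNNVD entry or the Debian advisory. The helper name find_exposed_locked_accounts and the sample passwd lines are constructed for illustration.

```shell
#!/bin/sh
# Added audit example, not part of the CNNVD entry or DSA-177.
# find_exposed_locked_accounts is a hypothetical helper name.

# Print "user:shell" for each passwd entry whose password field is exactly
# '*' and whose shell is not /bin/false. Reads /etc/passwd by default.
# Entries with 'x' keep their hash in /etc/shadow and are not evaluated here.
find_exposed_locked_accounts() {
    awk -F: '
        /^#/ || NF < 7 { next }          # skip comments, blank and malformed lines
        $2 == "*" && $7 != "/bin/false" {
            # an empty shell field means login falls back to /bin/sh
            print $1 ":" ($7 == "" ? "(empty)" : $7)
        }
    ' "${1:-/etc/passwd}"
}

# Constructed sample data (not taken from any real host).
sample=$(mktemp)
cat > "$sample" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:*:1:1:daemon:/usr/sbin:/bin/sh
bin:*:2:2:bin:/bin:/bin/false
lp:*:7:7:lp:/var/spool/lpd:
alice:x:1000:1000:Alice:/home/alice:/bin/bash
EOF
find_exposed_locked_accounts "$sample"
rm -f "$sample"
```

Every account it lists is a candidate for the /bin/false shell change or for the patched packages.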

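Advisory

Workaround: If you cannot install the patch or upgrade immediately, CNNVD recommends the following measures to reduce the threat:

* Edit /etc/passwd so that every account whose password field is '*' has /bin/false as its shell.

Vendor patch:

Debian
------

Debian has released a security advisory (DSA-177-1) and corresponding patches for this issue:

DSA-177-1: New PAM packages fix serious security violation in Debian/unstable

Link: http://www.debian.org/security/2002/dsa-177

Patch downloads: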

References

  • Source: DEBIAN Name: DSA-177 Link: http://www.debian.org/security/2002/dsa-177
  • Source: XF Name: pam-disabled-bypass-authentication(10405) Link: http://www.iss.net/security_center/static/10405.php
  • Source: BID Name: 5994 Link: http://www.securityfocus.com/bid/5994

Affected Entities

  • Pam Pam:0.76  

Patches

    None available
