Summary: | possible security issue (hard to trigger) | |
---|---|---|---
Product: | Gentoo Linux | Reporter: | Brandon Low (RETIRED) <lostlogic>
Component: | [OLD] Core system | Assignee: | Daniel Robbins (RETIRED) <drobbins>
Status: | RESOLVED FIXED | |
Severity: | normal | CC: | lostlogic
Priority: | High | |
Version: | unspecified | |
Hardware: | x86 | |
OS: | Linux | |
URL: | http://lists.gentoo.org/pipermail/gentoo-user/2002-April/008752.html | |
Whiteboard: | | |
Package list: | | Runtime testing required: | ---
Description
Brandon Low (RETIRED)
2002-04-02 16:02:08 UTC
This is a really BIG problem. It is much easier to replicate than described. Try to log in from a virtual terminal 3 times in a row as a regular user with the wrong password (any password) and finally enter the correct password. You are now logged in as root. Someone just posted that it can be remotely exploitable if you run a telnet server. This is so big that, until it is fixed, you should recommend disconnecting Gentoo boxes from the Internet. The bug priority and severity should be upped to the maximum.

The problem is with pam_pwdb.so flaking out if there are minor issues with the passwd database. It's still a pam_pwdb.so problem -- fix in progress... stay tuned... (replace all occurrences of pam_pwdb.so with pam_unix.so in your /etc/pam.d files, particularly system-auth, for a quick fix..) The 4.0.2-r2 shadow package fixes this big bad Gentoo 1.0 bug.
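The quick fix described in the report (swap pam_pwdb.so for pam_unix.so in /etc/pam.d, particularly system-auth) as a script, added here as an example; it is not part of the bug report or of Gentoo's own tooling. The PAM directory is passed as a parameter so the functions can be run against a scratch copy before touching the live /etc/pam.d, and the sample system-auth it builds is constructed for the demo, not copied from a Gentoo 1.0 install. Each rewritten file keeps a `.bak` copy; the check function ignores those backups so it reports only live references.

```shell
#!/bin/sh
# Added example (not from the bug report): replace pam_pwdb.so with
# pam_unix.so in every file under a PAM directory, keep backups, and
# verify that no live file still loads pam_pwdb.so.
set -eu

# List files under $1 that still load pam_pwdb.so, ignoring .bak copies.
pam_pwdb_refs() {
    grep -l 'pam_pwdb\.so' "$1"/* 2>/dev/null | grep -v '\.bak$' || true
}

# Rewrite every pam_pwdb.so reference to pam_unix.so, keeping $f.bak.
# cp + sed > file is used instead of sed -i so it works on any sed.
fix_pam_pwdb() {
    pamdir="$1"
    for f in $(pam_pwdb_refs "$pamdir"); do
        cp "$f" "$f.bak"
        sed 's/pam_pwdb\.so/pam_unix.so/g' "$f.bak" > "$f"
    done
}

# Constructed sample PAM directory (hypothetical system-auth contents,
# written to look like a pam_pwdb-based stack; not the real Gentoo file).
make_sample_pamdir() {
    d=$(mktemp -d)
    cat > "$d/system-auth" <<'EOF'
auth       required   /lib/security/pam_env.so
auth       sufficient /lib/security/pam_pwdb.so likeauth nullok
auth       required   /lib/security/pam_deny.so
account    required   /lib/security/pam_pwdb.so
password   required   /lib/security/pam_cracklib.so retry=3
password   sufficient /lib/security/pam_pwdb.so nullok use_authtok md5 shadow
password   required   /lib/security/pam_deny.so
session    required   /lib/security/pam_limits.so
session    required   /lib/security/pam_pwdb.so
EOF
    echo "$d"
}

# Usage against the constructed sample; point fix_pam_pwdb at /etc/pam.d
# (as root, after backing it up) to apply the same change for real.
if [ "${1:-}" = "demo" ]; then
    pamdir=$(make_sample_pamdir)
    echo "before:"; pam_pwdb_refs "$pamdir"
    fix_pam_pwdb "$pamdir"
    echo "after (should be empty):"; pam_pwdb_refs "$pamdir"
    grep 'pam_unix\.so' "$pamdir/system-auth"
fi
```

After running it on the live /etc/pam.d, repeat the reproduction from the report (three wrong passwords on a virtual terminal, then the correct one) and confirm the session is the regular user's; the permanent fix is the 4.0.2-r2 shadow package, so the sed rewrite is a stopgap until that is installed.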