CPNI - Centre for the Protection of National Infrastructure


Fedora - Fedora Core 3 Update: pam-0.77-66.2.13 [FEDORA-2005-1030]

ID: 00952
Ref: 890/05
Date: 27 October 2005:11:09:02
Version: 1

Title: Fedora - Fedora Core 3 Update: pam-0.77-66.2.13 [FEDORA-2005-1030]
Abstract: This update fixes a security bug in unix_chkpwd allowing brute force attacks against passwords in /etc/shadow by a regular user when SELinux is enabled.
Vendors affected: Fedora
Operating systems affected: Fedora
Applications affected: Fedora


Title
=====
Fedora - Fedora Core 3 Update: pam-0.77-66.2.13 [FEDORA-2005-1030]


Detail
======


---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-1030
2005-10-26
---------------------------------------------------------------------

Product : Fedora Core 3
Name : pam
Version : 0.77
Release : 66.2.13
Summary : A security tool which provides authentication for applications.
Description :
PAM (Pluggable Authentication Modules) is a system security tool that
allows system administrators to set authentication policy without
having to recompile programs that handle authentication.

---------------------------------------------------------------------
Update Information:

This update fixes a security bug in unix_chkpwd allowing
brute force attacks against passwords in /etc/shadow by a
regular user when SELinux is enabled.

---------------------------------------------------------------------
* Wed Oct 26 2005 Tomas Mraz 0.77-66.2.13
- fixed CAN-2005-2977 unix_chkpwd should skip user verification only if
  run as root (#168181)
- support no tty in pam_access (#170467)
- support unlimited limits (#171546)
- allow larger buffer for getgr* functions
- flush input first, then print the prompt in misc_conv
- improve the passwd-order patch so it doesn't regress
  passwd on the NIS master server

* Mon Jan 24 2005 Tomas Mraz
- ALLGROUP and ALL limits weren't correctly applied by pam_limits
- Fix a typo in pam_localuser README


---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
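
The caller check behind the CAN-2005-2977 entry, as an added example that is not part of the advisory and not the Linux-PAM source. It is a simplified model built from the advisory's wording; the account table, function names and the exact pre-fix condition are assumptions.

```c
/* Added illustration, not Linux-PAM source: model of a setuid password helper's caller check. */
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

struct account { const char *name; uid_t uid; };

/* Constructed sample accounts (hypothetical). */
static const struct account ACCOUNTS[] = { {"root", 0}, {"alice", 1000}, {"bob", 1001} };
#define N_ACCOUNTS (sizeof ACCOUNTS / sizeof ACCOUNTS[0])

/* 1 if caller_uid owns the account named target; 0 otherwise or if unknown. */
static int caller_is_target(uid_t caller_uid, const char *target)
{
    for (size_t i = 0; i < N_ACCOUNTS; i++)
        if (strcmp(ACCOUNTS[i].name, target) == 0)
            return ACCOUNTS[i].uid == caller_uid;
    return 0;
}

/* Assumed pre-fix logic: verification is skipped whenever SELinux is enabled. */
int may_check_before(uid_t caller_uid, const char *target, int selinux_enabled)
{
    return selinux_enabled || caller_uid == 0 || caller_is_target(caller_uid, target);
}

/* Post-fix logic per the changelog: skip verification only if run as root. */
int may_check_after(uid_t caller_uid, const char *target, int selinux_enabled)
{
    (void)selinux_enabled; /* SELinux state no longer widens access */
    return caller_uid == 0 || caller_is_target(caller_uid, target);
}

/* Count (non-root caller, someone else's account) pairs a policy allows. */
int cross_user_grants(int (*policy)(uid_t, const char *, int), int selinux_enabled)
{
    int grants = 0;
    for (size_t c = 0; c < N_ACCOUNTS; c++)
        for (size_t t = 0; t < N_ACCOUNTS; t++)
            if (ACCOUNTS[c].uid != 0 && c != t &&
                policy(ACCOUNTS[c].uid, ACCOUNTS[t].name, selinux_enabled))
                grants++;
    return grants;
}

int main(void)
{
    printf("SELinux on, cross-user grants: before=%d after=%d\n",
           cross_user_grants(may_check_before, 1), cross_user_grants(may_check_after, 1));
    return 0;
}
```

Any non-zero count from cross_user_grants means a regular user can have the helper test password guesses against another account's /etc/shadow entry, which is the exposure the update closes.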
