Executive Summary
Summary | |
---|---|
Title | pam security and bug fix update |
Informations | |||
---|---|---|---|
Name | RHSA-2007:0465 | First vendor Publication | 2007-06-07 |
Vendor | RedHat | Last vendor Modification | 2007-06-07 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:H/Au:M/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 3.4 | Attack Range | Local |
Cvss Impact Score | 6.4 | Attack Complexity | High |
Cvss Expoit Score | 1.2 | Authentication | Requires multiple instances |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated pam packages that resolves several bugs and security flaws are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: Pluggable Authentication Modules (PAM) provide a system whereby administrators can set up authentication policies without having to recompile programs that handle authentication. A flaw was found in the way the Linux kernel handled certain SG_IO commands. Console users with access to certain device files had the ability to damage recordable CD drives. The way pam_console handled permissions of these files has been modified to disallow access. This change also required modifications to the cdrecord application. (CVE-2004-0813) A flaw was found in the way pam_console set console device permissions. It was possible for various console devices to retain ownership of the console user after logging out, possibly leaking information to an unauthorized user. (CVE-2007-1716) The pam_unix module provides authentication against standard /etc/passwd and /etc/shadow files. The pam_stack module provides support for stacking PAM configuration files. Both of these modules contained small memory leaks which caused problems in applications calling PAM authentication repeatedly in the same process. All users of PAM should upgrade to these updated packages, which resolve these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. If up2date fails to connect to Red Hat Network due to SSL Certificate Errors, you need to install a version of the up2date client with an updated certificate. The latest version of up2date is available from the Red Hat FTP site and may also be downloaded directly from the RHN website: https://rhn.redhat.com/help/latest-up2date.pxt 5. Bug IDs fixed (http://bugzilla.redhat.com/): 133098 - CVE-2004-0813 SG_IO unsafe user command execution 204055 - Possibly memory leak in pam modules. 230625 - 4byte leak in pam_unix.so 232096 - CVE-2004-0813 SG_IO unsafe user command execution 234142 - CVE-2007-1716 Ownership of devices not returned to root after logout from console |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2007-0465.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10011 | |||
Oval ID: | oval:org.mitre.oval:def:10011 | ||
Title: | Unknown vulnerability in the SG_IO functionality in ide-cd allows local users to bypass read-only access and perform unauthorized write and erase operations. | ||
Description: | Unknown vulnerability in the SG_IO functionality in ide-cd allows local users to bypass read-only access and perform unauthorized write and erase operations. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0813 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11483 | |||
Oval ID: | oval:org.mitre.oval:def:11483 | ||
Title: | pam_console does not properly restore ownership for certain console devices when there are multiple users logged into the console and one user logs out, which might allow local users to gain privileges. | ||
Description: | pam_console does not properly restore ownership for certain console devices when there are multiple users logged into the console and one user logs out, which might allow local users to gain privileges. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-1716 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Os | 1 |
OpenVAS Exploits
Date | Description |
---|---|
2008-09-24 | Name : Gentoo Security Advisory GLSA 200711-23 (vmware-workstation vmware-player) File : nvt/glsa_200711_23.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
37271 | pam_console Console Device Permission Restoration Weakness |
10352 | Linux Kernel ide-cd SG_IO Arbitrary Operation Execution |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0465.nasl - Type : ACT_GATHER_INFO |
2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0737.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20070611_pam_on_SL3.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071109_pam_on_SL5.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071115_pam_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2009-07-27 | Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2007-0006.nasl - Type : ACT_GATHER_INFO |
2007-11-20 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200711-23.nasl - Type : ACT_GATHER_INFO |
2007-11-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0737.nasl - Type : ACT_GATHER_INFO |
2007-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0555.nasl - Type : ACT_GATHER_INFO |
2007-06-14 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0465.nasl - Type : ACT_GATHER_INFO |
2007-06-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0465.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:50:44 |
|