Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: USN-922-1: libnss-db vulnerability
Special Forums Cybersecurity Security Advisories (RSS) USN-922-1: libnss-db vulnerability Post 302409304 by Linux Bot on Wednesday 31st of March 2010 04:00:03 PM
Old 03-31-2010
USN-922-1: libnss-db vulnerability
Referenced CVEs:
CVE-2010-0826


Description:
===========================================================Ubuntu Security Notice USN-922-1 March 31, 2010libnss-db vulnerabilityCVE-2010-0826===========================================================A security issue affects the following Ubuntu releases:Ubuntu 8.04 LTSUbuntu 8.10Ubuntu 9.04Ubuntu 9.10This advisory also applies to the corresponding versions ofKubuntu, Edubuntu, and Xubuntu.The problem can be corrected by upgrading your system to thefollowing package versions:Ubuntu 8.04 LTS: libnss-db 2.2.3pre1-3ubuntu1.8.04.2Ubuntu 8.10: libnss-db 2.2.3pre1-3ubuntu1.8.10.2Ubuntu 9.04: libnss-db 2.2.3pre1-3ubuntu3.9.04.2Ubuntu 9.10: libnss-db 2.2.3pre1-3ubuntu3.9.10.2In general, a standard system upgrade is sufficient to effect thenecessary changes.Details follow:Stephane Chazelas discovered that libnss-db did not correctly set up adatabase environment. A local attacker could exploit this to read thefirst line of arbitrary files, leading to a loss of privacy and possiblyprivilege escalation.





More...
 

We Also Found This Discussion For You

1. UNIX for Dummies Questions & Answers

how to find 922 record 03 or 88 not found code 922 change 922 to 904

%%START CBLOADER CBLOADER BRBAI2 000090 01,011600033,011600033,110516,0834,2,90,,2/ 02,011600033,011103093,1,110317,0834,,2/ 03,105581,,015,+00000416418,,,901,+00000000148,,,922,+000000 00354,,/ 03,113806,,015,+00000559618,,,901,+00000000096,,,922,+000000 00621,,/... (1 Reply)
Discussion started by: sgoud
1 Replies

LEARN ABOUT ULTRIX

secsetup

secsetup(8)						      System Manager's Manual						       secsetup(8)

Name
       secsetup - enable the enhanced security features

Syntax
       /usr/etc/sec/secsetup

Description
       The command is an interactive facility that allows you to enable the enhanced security features on your system.	You must first have loaded
       the enhanced security subset onto your system before running the command.

       The command allows you to configure your system either for security auditing, trusted path, enhanced login, or  any  combination  of  those
       features.  In addition, the command may add lines to the file.  To remove entries from the you must edit it by hand.  The command only adds
       lines to this file if they aren't already present.  You can run while the system is in multiuser mode (however,	some  inconsistencies  may
       result  from  this.   See the Security Guide for Administrators for more information).  To run type the following and then answer the ques-
       tions that follow:
       # /usr/etc/sec/secsetup
       Depending on the security features chosen, when completes you may need to replace your system's kernel and reboot the system.  For example,
       chosing either the security auditing or trusted path feature may require you to re-build your kernel.

Files
See Also
       set_audit_mask(8), auth(5), svc.conf(5)
       Security Guide for Administrators

																       secsetup(8)
All times are GMT -4. The time now is 09:01 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy