Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

USN-695-1: shadow vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) USN-695-1: shadow vulnerability
# 1  
Old 12-17-2008
USN-695-1: shadow vulnerability
Description:
=========================================================== Ubuntu Security Notice USN-695-1 December 18, 2008 shadow vulnerability https://launchpad.net/bugs/306082 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.10 Ubuntu 8.04 LTS Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: login 1:4.0.13-7ubuntu3.4 Ubuntu 7.10: login 1:4.0.18.1-9ubuntu0.2 Ubuntu 8.04 LTS: login 1:4.0.18.2-1ubuntu2.2 Ubuntu 8.10: login 1:4.1.1-1ubuntu1.2 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Paul Szabo discovered a race condition in login. While setting up tty permissions, login did not correctly handle symlinks. If a local attacker were able to gain control of the system utmp file, they could cause login to change the ownership and permissions on arbitrary files, leading to a root privilege escalation.





More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT OSX

nbdst

NBDST(8)						    BSD System Manager's Manual 						  NBDST(8)

NAME

     nbdst -- NetBoot deferred shadow tool

SYNOPSIS

     nbdst [-recycle | -preallocate size] devnode shadowfile

DESCRIPTION

     nbdst is used during NetBoot to associate a shadow file with the disk image being used as the root device. After the shadow file is attached,
     subsequent writes to the root device will be redirected to the shadow file, which normally resides on local storage.  nbdst is invoked by
     /etc/rc.netboot

ARGUMENTS

     The following arguments must be specified:
     devnode	    The device node of the root device, in the form "disk0"
     shadowfile     Path to a shadow file which will be created and associated with the NetBoot root device

OPTIONS

     -recycle  If a shadow file already exists, reset it and use it again.  Otherwise, information written to an existing shadow file will reap-
	       pear.  Reusing a previous shadow file without resetting it requires that the shadow file be created with the same base image.

     -preallocate size
	       Set the shadow file to the given size up front.	This forces a reset of the shadow file (like -recycle).

NOTE

     nbdst can only be run as root.

SEE ALSO

     hdiutil(1), hdik(8)

Mac OS X							    29 Apr 2003 							  Mac OS X