|
KDE KDM PAM Module PAM_SetCred权限提升漏洞
发布时间:2003-09-16
更新时间:2003-09-19
严重程度:高
威胁程度:权限提升
错误类型:设计错误
利用方式:服务器模式
BUGTRAQ ID:8635
CVE(CAN) ID:CAN-2003-0690
受影响系统
KDE KDE 1.1
KDE KDE 1.1.1
KDE KDE 1.1.2
+ Caldera OpenLinux 2.3
+ MandrakeSoft Linux Mandrake 7.0
KDE KDE 1.2
- S.u.S.E. Linux 6.4
KDE KDE 2.0 BETA
KDE KDE 2.0
KDE KDE 2.0.1
+ Conectiva Linux 6.0
KDE KDE 2.1
KDE KDE 2.1.1
KDE KDE 2.1.2
+ Conectiva Linux 7.0
KDE KDE 2.2
KDE KDE 2.2.1
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Workstation 3.1
+ Caldera OpenLinux Workstation 3.1.1
KDE KDE 2.2.2
+ Debian Linux 3.0
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 sparc
+ MandrakeSoft Linux Mandrake 8.1
+ MandrakeSoft Linux Mandrake 8.1 ia64
+ MandrakeSoft Linux Mandrake 8.2
+ MandrakeSoft Linux Mandrake 8.2 ppc
+ RedHat Enterprise Linux AS 2.1
+ RedHat Enterprise Linux AS 2.1 IA64
+ RedHat Enterprise Linux ES 2.1
+ RedHat Enterprise Linux ES 2.1 IA64
+ RedHat Enterprise Linux WS 2.1
+ RedHat Enterprise Linux WS 2.1 IA64
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2 ia64
+ Sun Linux 5.0.5
+ Sun Linux 5.0.6
KDE KDE 3.0
+ Conectiva Linux 8.0
KDE KDE 3.0.1
KDE KDE 3.0.2
+ MandrakeSoft Linux Mandrake 8.2
KDE KDE 3.0.3 a
KDE KDE 3.0.3
+ Conectiva Linux 8.0
+ FreeBSD FreeBSD 4.7 -STABLE
+ MandrakeSoft Linux Mandrake 9.0
KDE KDE 3.0.4
+ Gentoo Linux 1.2
+ Gentoo Linux 1.4 _rc1
KDE KDE 3.0.5 b
KDE KDE 3.0.5 a
+ RedHat Linux 7.3 i386
+ RedHat Linux 8.0 i386
KDE KDE 3.0.5
+ Conectiva Linux 8.0
KDE KDE 3.1
+ RedHat Linux 9.0 i386
KDE KDE 3.1.1 a
KDE KDE 3.1.1
+ Conectiva Linux 9.0
+ S.u.S.E. Linux 8.2
KDE KDE 3.1.2
+ Conectiva Linux 9.0
KDE KDE 3.1.3
详细描述
KDE Display Manager (KDM)结合PAM使用时存在问题,可导致攻击者未授权访问。
KDM没有完整检查pam_setcred()调用,因此在使用PAM模块时,在pam_setcred()调用失败时会导致会话仍旧存活,使一般用户可以以ROOT权限访问。
解决方案
升级到KDE 3.1.4或者补丁下载:
A patch for KDE 2.2.2 is available from
ftp://ftp.kde.org/pub/kde/security_patches :
4672868343b26e0c0eae91fffeff1f7e post-2.2.2-kdebase-kdm.patch
A patch for KDE 3.0.5b is available from
ftp://ftp.kde.org/pub/kde/security_patches :
fde237203fc7b325c34d2f90a463db3f post-3.0.5-kdebase-kdm.patch
A patch for KDE 3.1.3 is available from
ftp://ftp.kde.org/pub/kde/security_patches :
8553c20798b321e333d8c516636f2297 post-3.1.3-kdebase-kdm.patch
相关信息
参考:http://www.securityfocus.com/archive/1/337720 |
|