-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- --- english/security/2002/dsa-120.wml 2002-03-11 03:48:15.0 +0500
+++ russian/security/2002/dsa-120.wml 2016-08-27 18:21:59.688284594 +0500
@@ -1,25 +1,26 @@
- -buffer overflow
+#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov"
+пеÑеполнение бÑÑеÑа
- -Ed Moyle recently
+Ðд Ðоил недавно
http://archives.neohapsis.com/archives/bugtraq/2002-02/0313.html;>\
- -found a buffer overflow in Apache-SSL and mod_ssl.
- -With session caching enabled, mod_ssl will serialize SSL session
- -variables to store them for later use. These variables were stored in
- -a buffer of a fixed size without proper boundary checks.
+обнаÑÑжил пеÑеполнение бÑÑеÑа в Apache-SSL и
mod_ssl.
+ÐÑли вклÑÑено кеÑиÑование ÑеÑÑии, Ñо mod_ssl
вÑполнÑÐµÑ ÑеÑиализаÑÐ¸Ñ Ð¿ÐµÑеменнÑÑ
+ÑеÑÑии SSL Ñ ÑелÑÑ Ð¸Ñ
ÑоÑ
ÑÐ°Ð½ÐµÐ½Ð¸Ñ Ð´Ð»Ñ
далÑнейÑего иÑполÑзованиÑ. ÐÑи пеÑеменнÑÑ
ÑоÑ
ÑанÑÑÑÑÑ
+в бÑÑеÑе ÑикÑиÑованного ÑазмеÑа, а
пÑовеÑка гÑÐ°Ð½Ð¸Ñ Ð½Ðµ пÑоизводиÑÑÑ.
- -To exploit the overflow, the server must be configured to require client
- -certificates, and an attacker must obtain a carefully crafted client
- -certificate that has been signed by a Certificate Authority which is
- -trusted by the server. If these conditions are met, it would be possible
- -for an attacker to execute arbitrary code on the server.
+ÐÐ»Ñ Ñого, ÑÑÐ¾Ð±Ñ Ð¸ÑполÑзоваÑÑ ÑÑо
пеÑеполнение, ÑеÑÐ²ÐµÑ Ð´Ð¾Ð»Ð¶ÐµÐ½ ÑÑебоваÑÑ
клиенÑÑкие
+ÑеÑÑиÑикаÑÑ, а злоÑмÑÑленник должен
полÑÑиÑÑ ÑпеÑиалÑно ÑÑоÑмиÑованнÑй
клиенÑÑкий
+ÑеÑÑиÑикаÑ, подпиÑаннÑй авÑоÑиÑеÑом,
коÑоÑÐ¾Ð¼Ñ Ð´Ð¾Ð²ÐµÑÑÐµÑ ÑÑоÑ
+ÑеÑвеÑ. ÐÑли ÑÑи ÑÑÐ»Ð¾Ð²Ð¸Ñ Ð²ÑполненÑ, Ñо
злоÑмÑÑленник можеÑ
+вÑполниÑÑ Ð¿ÑоизволÑнÑй код на ÑеÑвеÑе.
- -This problem has been fixed in version 1.3.9.13-4 of Apache-SSL and
- -version 2.4.10-1.3.9-1potato1 of libapache-mod-ssl for the stable
- -Debian distribution as well as in version 1.3.23.1+1.47-1 of
- -Apache-SSL and version 2.8.7-1 of libapache-mod-ssl for the testing
- -and unstable distribution of Debian.
+ÐÑа пÑоблема бÑла иÑпÑавлена в веÑÑии
1.3.9.13-4 пакеÑа Apache-SSL и
+в веÑÑии 2.4.10-1.3.9-1potato1 пакеÑа libapache-mod-ssl длÑ
ÑÑабилÑного
+вÑпÑÑка Debian, а Ñакже в веÑÑии 1.3.23.1+1.47-1
пакеÑа
+Apache-SSL и в веÑÑии 2.8.7-1 пакеÑа libapache-mod-ssl длÑ
ÑеÑÑиÑÑемого
+и неÑÑабилÑного вÑпÑÑков Debian.
- -We recommend that you upgrade your Apache-SSL and mod_ssl packages.
+РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ Apache-SSL и
mod_ssl.
# do not modify the following line
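
Review bot: Several added lines in this hunk are split in two, and the continuation carries no `+` marker (for example `mod_ssl.` on its own line after the `+` line that ends in `Apache-SSL и`), so the fragments will be read as context lines and the hunk will not apply as sent. Resend with line wrapping disabled in the mail client, or attach the diff. Because the diff is inline in a clearsigned message, the removed lines and the old-file header are also dash-escaped (`- -buffer overflow`, `- --- english/security/2002/dsa-120.wml`), so the message has to be passed through gpg to strip the armor before the diff is fed to patch. The four package versions in the added lines (1.3.9.13-4, 2.4.10-1.3.9-1potato1, 1.3.23.1+1.47-1, 2.8.7-1) match the English lines they replace.
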
- --- english/security/2002/dsa-177.wml 2002-10-31 20:25:34.0 +0500
+++ russian/security/2002/dsa-177.wml 2016-08-27 18:29:19.058310940 +0500
@@ -1,27 +1,28 @@
- -serious security violation
+#use wml::debian::translation-check translation="1.3" maintainer="Lev Lamberov"
+ÑеÑÑÑзное наÑÑÑение
безопаÑноÑÑи
- -A serious security violation in PAM was discovered.
- -Disabled passwords (i.e. those with '*' in the
- -password file) were classified as empty password and access to such
- -accounts is granted through the regular login procedure (getty,
- -telnet, ssh). This works for all such accounts whose shell field in
- -the password file does not refer to /bin/false.
- -Only version 0.76 of PAM seems to be affected by this problem.
+Ð PAM бÑло обнаÑÑжено ÑеÑÑÑзное наÑÑÑение
безопаÑноÑÑи.
+ÐÑклÑÑеннÑе паÑоли (Ñо еÑÑÑ, паÑоли Ñ '*' в
+Ñайле паÑолей) клаÑÑиÑиÑиÑÑÑÑÑÑ ÐºÐ°Ðº
пÑÑÑÑе паÑоли, доÑÑÑп к Ñаким
+ÑÑÑÑнÑм запиÑÑм даÑÑÑÑ ÑеÑез обÑÑнÑÑ
пÑоÑедÑÑÑ Ð²Ñ
ода (getty,
+telnet, ssh). ÐÑо ÑабоÑÐ°ÐµÑ Ð´Ð»Ñ Ð²ÑеÑ
ÑÑÑÑнÑÑ
запиÑей, Ñ ÐºÐ¾ÑоÑÑÑ
поле командной ÑÑÑоки в
+Ñайле паÑолей не ÑодеÑÐ¶Ð¸Ñ /bin/false.
+Ðак кажеÑÑÑ, ÑÑой пÑоблеме подвеÑжена
ÑолÑко веÑÑÐ¸Ñ 0.76 PAM.
- -This problem has been fixed in version 0.76-6 for the current unstable
- -distribution (sid). The stable distribution (woody), the old stable
- -distribution (potato) and the testing distribution (sarge) are not
- -affected by this problem.
+ÐÑа пÑоблема бÑла
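
Review bot: The hunk ends on an incomplete added line directly after the removed English paragraph about the fix in 0.76-6, so the translation of that paragraph, including the statement that woody, potato and sarge are not affected, is missing and the `@@ -1,27 +1,28 @@` header announces more lines than the message contains. Resend the complete hunk. Added lines here are also split without a `+` on the continuation (for example the fragment `ода (getty,` before `+telnet, ssh).`), which will keep the hunk from applying even once it is complete.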