[Bug 242690] Re: Ctrl+C might allow to bypass authentication
The operator precedence you quote from line 696 looks like the fixed one, not the buggy one ? -- Ctrl+C might allow to bypass authentication https://bugs.launchpad.net/bugs/242690 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 242690] Re: Ctrl+C might allow to bypass authentication
Naive question about a bug that was closed a year ago...
Can a user do a similar thing with pam_pgsql when changing her password?
For example the operator precedence in pam_sm_chauthtok() line 696 is:
if ((rc = pam_get_pass(pamh, PAM_OLDAUTHTOK, pass, PASSWORD_PROMPT,
options-std_flags)) == PAM_SUCCESS) {
which is identical to the buggy operator precedence being performed in
the old version of pam_sm_authenticate(). Is it possible for a
malicious user to change a victim's password in this way if pam_pgsql is
used and the victim walked away without locking their screen?
Reid
--
Ctrl+C might allow to bypass authentication
https://bugs.launchpad.net/bugs/242690
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 242690] Re: Ctrl+C might allow to bypass authentication
** Changed in: pam-pgsql (Ubuntu Intrepid) Status: Fix Committed = Fix Released -- Ctrl+C might allow to bypass authentication https://bugs.launchpad.net/bugs/242690 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 242690] Re: Ctrl+C might allow to bypass authentication
Subscribing ubuntu-universe-sponsors to help getting the fake-sync in comment 2 into Intrepid first. -- Ctrl+C might allow to bypass authentication https://bugs.launchpad.net/bugs/242690 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 242690] Re: Ctrl+C might allow to bypass authentication
** Changed in: pam-pgsql (Ubuntu Gutsy) Status: Triaged = Fix Committed ** Changed in: pam-pgsql (Ubuntu Hardy) Status: Triaged = Fix Committed -- Ctrl+C might allow to bypass authentication https://bugs.launchpad.net/bugs/242690 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 242690] Re: Ctrl+C might allow to bypass authentication
** Changed in: pam-pgsql (Ubuntu Intrepid) Status: Triaged = Fix Committed -- Ctrl+C might allow to bypass authentication https://bugs.launchpad.net/bugs/242690 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 242690] Re: Ctrl+C might allow to bypass authentication
This bug was fixed in the package pam-pgsql - 0.6.3-0ubuntu1.8.04.1 --- pam-pgsql (0.6.3-0ubuntu1.8.04.1) hardy-security; urgency=low * SECURITY UPDATE: local users may bypass authentication and gain privileges by sending CTRL-C at the password prompt. * pam_pgsql.c: applied Debian patch to fix operator precedence (Fixes LP: #242690) * pam_get_service.c: applied Debian patch from 0.6.3-2 to fix FTBFS * References CVE-2008-2516 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=481970 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=441679 -- Thierry Carrez [EMAIL PROTECTED] Wed, 25 Jun 2008 21:04:24 +0200 ** Changed in: pam-pgsql (Ubuntu Hardy) Status: Fix Committed = Fix Released ** Changed in: pam-pgsql (Ubuntu Gutsy) Status: Fix Committed = Fix Released -- Ctrl+C might allow to bypass authentication https://bugs.launchpad.net/bugs/242690 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 242690] Re: Ctrl+C might allow to bypass authentication
This bug was fixed in the package pam-pgsql - 0.6.3-0ubuntu1.7.10.1 --- pam-pgsql (0.6.3-0ubuntu1.7.10.1) gutsy-security; urgency=low * SECURITY UPDATE: local users may bypass authentication and gain privileges by sending CTRL-C at the password prompt. * pam_pgsql.c: applied Debian patch to fix operator precedence (Fixes LP: #242690) * pam_get_service.c: applied Debian patch from 0.6.3-2 to fix FTBFS * References CVE-2008-2516 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=481970 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=441679 -- Thierry Carrez [EMAIL PROTECTED] Wed, 25 Jun 2008 19:26:46 + -- Ctrl+C might allow to bypass authentication https://bugs.launchpad.net/bugs/242690 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 242690] Re: Ctrl+C might allow to bypass authentication
Here is the debdiff for hardy. I had to apply an extra patch because the current version in hardy FTBFS. I have tested that it closes the hole, but I've not tested that there are no regressions in usual features. ** Attachment added: pam-pgsql_0.6.3-0ubuntu1.1.debdiff http://launchpadlibrarian.net/15579527/hardy.debdiff -- Ctrl+C might allow to bypass authentication https://bugs.launchpad.net/bugs/242690 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 242690] Re: Ctrl+C might allow to bypass authentication
New debdiff for hardy, with proper version number. Furthermore I've tested on a basic setup that there was no obvious regression. I'm working on the gutsy one. ** Attachment added: pam-pgsql_0.6.3-0ubuntu1.8.04.1.debdiff http://launchpadlibrarian.net/15606923/pam-pgsql_0.6.3-0ubuntu1.8.04.1.debdiff -- Ctrl+C might allow to bypass authentication https://bugs.launchpad.net/bugs/242690 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 242690] Re: Ctrl+C might allow to bypass authentication
Debdiff for gutsy. The package also FTBFS in pbuilder so I applied the same patch. ** Attachment added: pam-pgsql_0.6.3-0ubuntu1.7.10.1.debdiff http://launchpadlibrarian.net/15607234/pam-pgsql_0.6.3-0ubuntu1.7.10.1.debdiff -- Ctrl+C might allow to bypass authentication https://bugs.launchpad.net/bugs/242690 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 242690] Re: Ctrl+C might allow to bypass authentication
Are you able to prepare and test fixes for Gutsy and Hardy as well? Simply applying that parentheses-addition patch should do, but I've nowhere to test this. ** Changed in: pam-pgsql (Ubuntu Gutsy) Importance: Undecided = High Status: New = Triaged ** Changed in: pam-pgsql (Ubuntu Hardy) Importance: Undecided = High Status: New = Triaged ** Changed in: pam-pgsql (Ubuntu Intrepid) Importance: Undecided = High Status: New = Triaged -- Ctrl+C might allow to bypass authentication https://bugs.launchpad.net/bugs/242690 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 242690] Re: Ctrl+C might allow to bypass authentication
The minimal fix, for the record (and learning). ** Attachment added: CVE-2008-2516.patch http://launchpadlibrarian.net/15562272/security_481970.patch ** Visibility changed to: Public -- Ctrl+C might allow to bypass authentication https://bugs.launchpad.net/bugs/242690 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 242690] Re: Ctrl+C might allow to bypass authentication
Debdiff for the fake sync to 0.6.3-2 to intrepid ** Attachment added: pam-pgsql_0.6.3-0ubuntu1_to_pam-pgsql_0.6.3-2build1.debdiff http://launchpadlibrarian.net/15563014/fakesync2.debdiff ** Bug watch added: Debian Bug tracker #481970 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=481970 ** Also affects: pam-pgsql (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=481970 Importance: Unknown Status: Unknown -- Ctrl+C might allow to bypass authentication https://bugs.launchpad.net/bugs/242690 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 242690] Re: Ctrl+C might allow to bypass authentication
** Changed in: pam-pgsql (Debian) Status: Unknown = Fix Released -- Ctrl+C might allow to bypass authentication https://bugs.launchpad.net/bugs/242690 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
