Debian Linux PAM验证绕过漏洞

漏洞信息详情

Debian Linux PAM验证绕过漏洞

• CNNVD编号：CNNVD-200210-310
• 危害等级： 高危
  
  
• CVE编号：
  CVE-2002-1227
  
• 漏洞类型：
  
  
  访问验证错误
  
• 发布时间：
  
  2002-10-28
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-09-14
  
• 厂        商：
  
  pam
• 漏洞来源：
  Paul Aurich
  Samuel…

Linux PAM可以用来对用户访问和资源等进行限制。
Debian Linux PAM验证机制存在漏洞，远程攻击者可以利用这个漏洞无需密码访问系统。
PAM 0.76版本把\”锁住\”的密码(口令文件中的密码字段为\’\’*\’\’)作为空密码处理，并可以通过正常的登录过程对系统进行访问。密码文件中所有密码字段为\’\’*\’\’的帐户，并且相关SHELL不为/bin/false的情况下，远程攻击者可以利用这些帐户访问受限制的系统。

临时解决方法：
如果您不能立刻安装补丁或者升级，CNNVD建议您采取以下措施以降低威胁：

* 修改/etc/passwd，确保密码字段为’*’的帐户其相关SHELL为/bin/false。
厂商补丁：
Debian
——
Debian已经为此发布了一个安全公告(DSA-177-1)以及相应补丁:

DSA-177-1：New PAM packages fix serious security violation in Debian/unstable

链接：http://www.debian.org/security/2002/dsa-177” target=”_blank”>
http://www.debian.org/security/2002/dsa-177

补丁下载：

Source archives:

http://ftp.debian.org/debian/pool/main/p/pam/pam_0.76-6.dsc” target=”_blank”>
http://ftp.debian.org/debian/pool/main/p/pam/pam_0.76-6.dsc

Size/MD5 checksum: 732 c7661ad0dcbc7df4ca967e58e93edd2e

http://ftp.debian.org/debian/pool/main/p/pam/pam_0.76-6.diff.gz” target=”_blank”>
http://ftp.debian.org/debian/pool/main/p/pam/pam_0.76-6.diff.gz

Size/MD5 checksum: 87185 39d8f45620b6750b34ad9128814328e7

http://ftp.debian.org/debian/pool/main/p/pam/pam_0.76.orig.tar.gz” target=”_blank”>
http://ftp.debian.org/debian/pool/main/p/pam/pam_0.76.orig.tar.gz

Size/MD5 checksum: 424671 22dd4019934cbd71bc67f13a5c2e10ec

Architecture independent components:

http://ftp.debian.org/debian/pool/main/p/pam/libpam-doc_0.76-6_all.deb” target=”_blank”>
http://ftp.debian.org/debian/pool/main/p/pam/libpam-doc_0.76-6_all.deb

Size/MD5 checksum: 651724 b3fc72ee81ac4e4413c696ec42fa4ef3

http://ftp.debian.org/debian/pool/main/p/pam/libpam-runtime_0.76-6_all.deb” target=”_blank”>
http://ftp.debian.org/debian/pool/main/p/pam/libpam-runtime_0.76-6_all.deb

Size/MD5 checksum: 51922 28398b55b183e122984c4bf1a64183a9

Alpha architecture:

http://ftp.debian.org/debian/pool/main/p/pam/libpam-cracklib_0.76-6_alpha.deb” target=”_blank”>
http://ftp.debian.org/debian/pool/main/p/pam/libpam-cracklib_0.76-6_alpha.deb

Size/MD5 checksum: 53808 462dcd1a02dd799b761a05687cf08699

http://ftp.debian.org/debian/pool/main/p/pam/libpam-modules_0.76-6_alpha.deb” target=”_blank”>
http://ftp.debian.org/debian/pool/main/p/pam/libpam-modules_0.76-6_alpha.deb

Size/MD5 checksum: 179588 e2719b40c82af6891471c7182d8008f7

http://ftp.debian.org/debian/pool/main/p/pam/libpam0g_0.76-6_alpha.deb” target=”_blank”>
http://ftp.debian.org/debian/pool/main/p/pam/libpam0g_0.76-6_alpha.deb

Size/MD5 checksum: 74146 727185b2d9c55a084105e2e4c43afcd0

http://ftp.debian.org/debian/pool/main/p/pam/libpam0g-dev_0.76-6_alpha.deb” target=”_blank”>
http://ftp.debian.org/debian/pool/main/p/pam/libpam0g-dev_0.76-6_alpha.deb

Size/MD5 checksum: 116148 970c63cf78a3b7311e122069225caa06

ARM architecture:

http://ftp.debian.org/debian/pool/main/p/pam/libpam-cracklib_0.76-6_arm.deb” target=”_blank”>
http://ftp.debian.org/debian/pool/main/p/pam/libpam-cracklib_0.76-6_arm.deb

Size/MD5 checksum: 52268 c8f6709b9b92cac992168bfa957762cd

http://ftp.debian.org/debian/pool/main/p/pam/libpam-modules_0.76-6_arm.deb” target=”_blank”>
http://ftp.debian.org/debian/pool/main/p/pam/libpam-modules_0.76-6_arm.deb

Size/MD5 checksum: 153494 12a21eb18e0cb8fb3043c23a78b410a8

http://ftp.debian.org/debian/pool/main/p/pam/libpam0g_0.76-6_arm.deb” target=”_blank”>
http://ftp.debian.org/debian/pool/main/p/pam/libpam0g_0.76-6_arm.deb

Size/MD5 checksum: 67952 bf8953d4d7227a5f8c837921da2745c4

http://ftp.debian.org/debian/pool/main/p/pam/libpam0g-dev_0.76-6_arm.deb” target=”_blank”>
http://ftp.debian.org/debian/pool/main/p/pam/libpam0g-dev_0.76-6_arm.deb

Size/MD5 checksum: 110738 10ecfcb5e44bb5af98deb4f5b27c16cb

Intel IA-32 architecture:

http://ftp.debian.org/debian/pool/main/p/pam/libpam-cracklib_0.76-6_i386.deb” target=”_blank”>
http://ftp.debian.org/debian/pool/main/p/pam/libpam-cracklib_0.76-6_i386.deb

Size/MD5 checksum: 52116 f91a3a10c47a08aae349bd16d161a644

http://ftp.debian.org/debian/pool/main/p/pam/libpam-modules_0.76-6_i386.deb” target=”_blank”>
http://ftp.debian.org/debian/pool/main/p/pam/libpam-modules_0.76-6_i386.deb

Size/MD5 checksum: 146290 88216fe253c9e5042e8a6902bc807153

http://ftp.debian.org/debian/pool/main/p/pam/libpam0g_0.76-6_i386.deb” target=”_blank”>
http://ftp.debian.org/debian/pool/main/p/pam/libpam0g_0.76-6_i386.deb

Size/MD5 checksum: 67504 a02c56dfa8949cf9abc071fc3b75ade1

http://ftp.debian.org/debian/pool/main/p/pam/libpam0g-dev_0.76-6_i386.deb” target=”_blank”>
http://ftp.debian.org/debian/pool/main/p/pam/libpam0g-dev_0.76-6_i386.deb

Size/MD5 checksum: 107490 366d7a40aecdc674920c76f8c71684b3

Intel IA-64 architecture:

http://ftp.debian.org/debian/pool/main/p/pam/libpam-cracklib_0.76-6_ia64.deb” target=”_blank”>
http://ftp.debian.org/debian/pool/main/p/pam/libpam-cracklib_0.76-6_ia64.deb

Size/MD5 checksum: 56320 a52fc9867c6af83788e5d999fb3c5289

http://ftp.debian.org/debian/pool/main/p/pam/libpam-modules_0.76-6_ia64.deb” target=”_blank”>
http://ftp.debian.org/debian/pool/main/p/pam/libpam-modules_0.76-6_ia64.deb

Size/MD5 checksum: 204086 1b85b7156e03bef224c783e45c4f8f36

http://ftp.debian.org/debian/pool/main/p/pam/libpam0g_0.76-6_ia64.deb” target=”_blank”>
http://ftp.debian.org/debian/pool/main/p/pam/libpam0g_0.76-6_ia64.deb

Size/MD5 checksum: 81374 76d3f1c7665854f137457f7d0e75d995

http://ftp.debian.org/debian/pool/main/p/pam/libpam0g-dev_0.76-6_ia64.deb” target=”_blank”>
http://ftp.debian.org/debian/pool/main/p/pam/libpam0g-dev_0.76-6_ia64.deb

Size/MD5 checksum: 118930 31ff873794cfaf4da938340fbf87c275

HP Precision architecture:

http://ftp.debian.org/debian/pool/main/p/pam/libpam-cracklib_0.76-6_hppa.deb” target=”_blank”>
http://ftp.debian.org/debian/pool/main/p/pam/libpam-cracklib_0.76-6_hppa.deb

Size/MD5 checksum: 53646 10dce03fd0f16e7bb25cc7263b679cd2

http://ftp.debian.org/debian/pool/main/p/pam/libpam-modules_0.76-6_hppa.deb” target=”_blank”>
http://ftp.debian.org/debian/pool/main/p/pam/libpam-modules_0.76-6_hppa.deb

Size/MD5 checksum: 171266 23439afca3810b039e65e3ff5a626336

http://ftp.debian.org/debian/pool/main/p/pam/libpam0g_0.76-6_hppa.deb” target=”_blank”>
http://ftp.debian.org/debian/pool/main/p/pam/libpam0g_0.76-6_hppa.deb

Size/MD5 checksum: 72066 166e7a5b1f72b0585b1d1fa06d5ac4f0

http://ftp.debian.org/debian/pool/main/p/pam/libpam0g-dev_0.76-6_hppa.deb” target=”_blank”>
http://ftp.debian.org/debian/pool/main/p/pam/libpam0g-dev_0.76-6_hppa.deb

Size/MD5 checksum: 113166 bb97068c08d1e98c37a439ff044dfe0c

Motorola 680×0 architecture:

http://ftp.debian.org/debian/pool/main/p/pam/libpam-cracklib_0.76-6_m68k.deb” target=”_blank”>
http://ftp.debian.org/debian/pool/main/p/pam/libpam-cracklib_0.76-6_m68k.deb

Size/MD5 checksum: 51886 aa1a506bbabef00284d5761e891edd3d

http://ftp.debian.org/debian/pool/main/p/pam/libpam-modules_0.76-6_m68k.deb” target=”_blank”>
http://ftp.debian.org/debian/pool/main/p/pam/libpam-modules_0.76-6_m68k.deb

Size/MD5 checksum: 151202 6064da7ddbc9ecf958e52e586b4d5fe0

http://ftp.debian.org/debian/pool/main/p/pam/libpam0g_0.76-6_m68k.deb” target=”_blank”>
http://ftp.debian.org/debian/pool/main/p/pam/libpam0g_0.76-6_m68k.deb

Size/MD5 checksum: 67578 3586a306ffe39e0b57b6ebd37196fbc7

http://ftp.debian.org/debian/pool/main/p/pam/libpam0g-dev_0.76-6_m68k.deb” target=”_blank”>
http://ftp.debian.org/debian/pool/main/p/pam/libpam0g-dev_0.76-6_m68k.deb

Size/MD5 checksum: 106684 db2c282058e7b2d78cb41bd7ab1bc082

Big endian MIPS architecture:

http://ftp.debian.org/debian/pool/main/p/pam/libpam-cracklib_0.76-6_mips.deb” target=”_blank”>
http://ftp.debian.org/debian/pool/main/p/pam/libpam-