Vulnerability Details
PAM pam_xauth Module Unintended X Session Cookie Access Vulnerability

- CNNVD ID: CNNVD-200302-046
- Severity: High
- CVE ID: CVE-2002-1160
- Vulnerability type: Other
- Published: 2003-02-19
- Threat type: Local
- Updated: 2005-05-13
- Vendor: redhat
- Source: The discovery of t…

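Vulnerability Summary
The default configuration of the pam_xauth module forwards MIT-Magic-Cookies to new X sessions. A local user can exploit this to gain root privileges by stealing the cookie from the temporary .xauth file, which is created with the original user's credentials after root uses su.
Vulnerability Advisory
Mandrake has released a security advisory (MDKSA-2003:017) containing fixes to address this issue.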
Red Hat has released security advisory (RHSA-2003:035-10) containing fixes to address this issue. Users are advised to upgrade as soon as possible.
Red Hat has also released a security advisory (RHSA-2003:028-12) to address this issue in Enterprise Linux. Fixes have been made available via the Red Hat Network (RHN). Further information can be found in the attached advisory.
Conectiva has released updates to correct this issue. See the referenced advisory for more details.
Sun has released a fix for Sun Linux 5.0.6.
Fixes available:
pam_xauth pam_xauth 0.74
- RedHat pam-0.75-46.7.1.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/pam-0.75-46.7.1.i386.rpm
- RedHat pam-devel-0.75-46.7.1.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/pam-devel-0.75-46.7.1.i386.rpm

pam_xauth pam_xauth 0.75
- Conectiva pam-0.75-5U80_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/8/RPMS/pam-0.75-5U80_1cl.i386.rpm
- Conectiva pam-devel-0.75-5U80_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/8/RPMS/pam-devel-0.75-5U80_1cl.i386.rpm
- Conectiva pam-devel-static-0.75-5U80_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/8/RPMS/pam-devel-static-0.75-5U80_1cl.i386.rpm
- Mandrake pam-0.75-25.1mdk.i586.rpm (Mandrake Linux 8.1)
  http://www.mandrakesecure.net/en/ftp.php
- Mandrake pam-0.75-25.1mdk.i586.rpm (Mandrake Linux 8.2)
  http://www.mandrakesecure.net/en/ftp.php
- Mandrake pam-0.75-25.1mdk.i586.rpm (Mandrake Linux 9.0)
  http://www.mandrakesecure.net/en/ftp.php
- Mandrake pam-0.75-25.1mdk.i586.rpm (Multi Network Firewall 8.2)
  http://www.mandrakesecure.net/en/ftp.php
- Mandrake pam-0.75-25.1mdk.ia64.rpm (Mandrake Linux 8.1)
  http://www.mandrakesecure.net/en/ftp.php
- Mandrake pam-0.75-25.1mdk.ppc.rpm (Mandrake Linux 8.2 PPC)
  http://www.mandrakesecure.net/en/ftp.php
- Mandrake pam-0.75-25.1mdk.src.rpm (Mandrake Linux 8.1)
  http://www.mandrakesecure.net/en/ftp.php
- Mandrake pam-0.75-25.1mdk.src.rpm (Mandrake Linux 8.1 ia64)
  http://www.mandrakesecure.net/en/ftp.php
- Mandrake pam-0.75-25.1mdk.src.rpm (Mandrake Linux 8.2)
  http://www.mandrakesecure.net/en/ftp.php
- Mandrake pam-0.75-25.1mdk.src.rpm (Mandrake Linux 8.2 PPC)
  http://www.mandrakesecure.net/en/ftp.php
- Mandrake pam-0.75-25.1mdk.src.rpm (Mandrake Linux 9.0)
  http://www.mandrakesecure.net/en/ftp.php
- Mandrake pam-0.75-25.1mdk.src.rpm (Multi Network Firewall 8.2)
  http://www.mandrakesecure.net/en/ftp.php
- Mandrake pam-devel-0.75-25.1mdk.i586.rpm (Mandrake Linux 8.1)
  http://www.mandrakesecure.net/en/ftp.php
- Mandrake pam-devel-0.75-25.1mdk.i586.rpm (Mandrake Linux 8.2)
  http://www.mandrakesecure.net/en/ftp.php
- Mandrake pam-devel-0.75-25.1mdk.i586.rpm (Mandrake Linux 9.0)
  http://www.mandrakesecure.net/en/ftp.php
- Mandrake pam-devel-0.75-25.1mdk.ia64.rpm (Mandrake Linux 8.1)
  http://www.mandrakesecure.net/en/ftp.php
- Mandrake pam-devel-0.75-25.1mdk.ppc.rpm (Mandrake Linux 8.2 PPC)
  http://www.mandrakesecure.net/en/ftp.php
- Mandrake pam-doc-0.75-25.1mdk.i586.rpm (Mandrake Linux 8.1)
  http://www.mandrakesecure.net/en/ftp.php
- Mandrake pam-doc-0.75-25.1mdk.i586.rpm (Mandrake Linux 8.2)
  http://www.mandrakesecure.net/en/ftp.php
- Mandrake pam-doc-0.75-25.1mdk.i586.rpm (Mandrake Linux 9.0)
  http://www.mandrakesecure.net/en/ftp.php
- Mandrake pam-doc-0.75-25.1mdk.ia64.rpm (Mandrake Linux 8.1)
  http://www.mandrakesecure.net/en/ftp.php
- Mandrake pam-doc-0.75-25.1mdk.ppc.rpm (Mandrake Linux 8.2 PPC)
  http://www.mandrakesecure.net/en/ftp.php
- Mandrake pam_ldap-156-1.1mdk.i586.rpm (Mandrake Linux 8.1)
  http://www.mandrakesecure.net/en/ftp.php
- Mandrake pam_ldap-156-1.1mdk.i586.rpm (Mandrake Linux 8.2)
  http://www.mandrakesecure.net/en/ftp.php
- Mandrake pam_ldap-156-1.1mdk.i586.rpm (Mandrake Linux 9.0)
  http://www.mandrakesecure.net/en/ftp.php
- Mandrake pam_ldap-156-1.1mdk.ia64.rpm (Mandrake Linux 8.1)
  http://www.mandrakesecure.net/en/ftp.php
- Mandrake pam_ldap-156-1.1mdk.ppc.rpm (Mandrake Linux 8.2 PPC)
  http://www.mandrakesecure.net/en/ftp.php
- Red Hat pam-0.75-46.7.1.ppc.rpm
  ftp://updates.redhat.com/7.1/en/os/iSeries/ppc/pam-0.75-46.7.1.ppc.rpm
- Red Hat pam-0.75-46.7.1.ppc.rpm
  ftp://updates.redhat.com/7.1/en/os/pSeries/ppc/pam-0.75-46.7.1.ppc.rpm
- Red Hat pam-devel-0.75-46.7.1.ppc.rpm
  ftp://updates.redhat.com/7.1/en/os/iSeries/ppc/pam-devel-0.75-46.7.1.ppc.rpm
- Red Hat pam-devel-0.75-46.7.1.ppc.rpm
  ftp://updates.redhat.com/7.1/en/os/pSeries/ppc/pam-devel-0.75-46.7.1.ppc.rpm
- RedHat pam-0.75-46.7.2.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/pam-0.75-46.7.2.i386.rpm
References
Source: US-CERT Vulnerability Note: VU#911505
Name: VU#911505
Link: http://www.kb.cert.org/vuls/id/911505
Source: BUGTRAQ
Name: 20021214 BDT_AV200212140001: Insecure default: Using pam_xauth for su from sh-utils package
Link: http://marc.theaimsgroup.com/?l=bugtraq&m=104431622818954&w=2
Source: XF
Name: linux-pamxauth-gain-privileges(11254)
Link: http://www.iss.net/security_center/static/11254.php
Source: BID
Name: 6753
Link: http://www.securityfocus.com/bid/6753
Source: REDHAT
Name: RHSA-2003:035
Link: http://www.redhat.com/support/errata/RHSA-2003-035.html
Source: REDHAT
Name: RHSA-2003:028
Link: http://www.redhat.com/support/errata/RHSA-2003-028.html
Source: MANDRAKE
Name: MDKSA-2003:017
Link: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:017
Source: SUNALERT
Name: 55760
Link: http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/55760
Source: CONECTIVA
Name: CLA-2003:693
Link: http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000693