Ubuntu Update For Shadow Vulnerability USN-695-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-695-1

Solution

Please Install the Updated Packages.

Insight

Paul Szabo discovered a race condition in login. While setting up tty permissions, login did not correctly handle symlinks. If a local attacker were able to gain control of the system utmp file, they could cause login to change the ownership and permissions on arbitrary files, leading to a root privilege escalation.

Affected

shadow vulnerability on Ubuntu 6.06 LTS , Ubuntu 7.10 , Ubuntu 8.04 LTS , Ubuntu 8.10

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2008-December/000809.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-5394

CVSS	Base Score: 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Ubuntu Update for dbus-glib USN-1753-1
Ubuntu Update for ffmpeg, ffmpeg-debian regression USN-931-2
Ubuntu Update for bash USN-2364-1
Ubuntu Update for apturl, Epiphany, gecko-sharp, gnome-python-extras, liferea, rhythmbox, totem, ubufox, yelp update USN-930-2
Ubuntu Update for ekiga, gnomemeeting vulnerabilities USN-426-1

Ubuntu Update for shadow vulnerability USN-695-1

Take action and discover your vulnerabilities