Nome do pacote
libuser
Data
2011-01-26
ID Alerta
MDVSA-2011:019
Versões afetadas
2009.0 x86_64 , MES5 i586 , 2010.0 x86_64 , 2010.1 i586 , 2010.0 i586 , 2009.0 i586 , CS4.0 i586 , CS4.0 x86_64 , MES5 x86_64 , 2010.1 x86_64

Descrição do problema

A vulnerability has been found and corrected in libuser:

libuser before 0.57 uses a cleartext password value of (1) !! or (2) x
for new LDAP user accounts, which makes it easier for remote attackers
to obtain access by specifying one of these values (CVE-2011-0002).

Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct this issue.

Pacotes atualizados

2009.0 x86_64

 7c97f6e1a82f6674873388e6c2ccb235  2009.0/x86_64/lib64user1-0.56.9-2.1mdv2009.0.x86_64.rpm
 37abe1149c3e6e602cfd1e9621e03e82  2009.0/x86_64/lib64user-devel-0.56.9-2.1mdv2009.0.x86_64.rpm
 5e46fc7dd4d31d6a05f221b14899109c  2009.0/x86_64/libuser-0.56.9-2.1mdv2009.0.x86_64.rpm
 8a5e9ae3b52cca038070b411eb38b870  2009.0/x86_64/libuser-ldap-0.56.9-2.1mdv2009.0.x86_64.rpm
 f42063e6d27cad1685d9b66021e8328e  2009.0/x86_64/libuser-python-0.56.9-2.1mdv2009.0.x86_64.rpm 
 6195ca448d84b938fe21d1f2edf1378f  2009.0/SRPMS/libuser-0.56.9-2.1mdv2009.0.src.rpm

MES5 i586

 08fd1e0c14e5c86e418a23ad27401482  mes5/i586/libuser-0.56.9-2.1mdvmes5.1.i586.rpm
 36eddbc333424b33c449b8d1c3befc7d  mes5/i586/libuser1-0.56.9-2.1mdvmes5.1.i586.rpm
 2279332ac99a92a8887466261723fc35  mes5/i586/libuser-devel-0.56.9-2.1mdvmes5.1.i586.rpm
 1e86f7af7fa2319faa4b4325ecf50af1  mes5/i586/libuser-ldap-0.56.9-2.1mdvmes5.1.i586.rpm
 c8797fd70e4bac0fad491dbc637c1bed  mes5/i586/libuser-python-0.56.9-2.1mdvmes5.1.i586.rpm 
 4737264ba1e04fd2113929a3a870bc7a  mes5/SRPMS/libuser-0.56.9-2.1mdvmes5.1.src.rpm

2010.0 x86_64

 85d05e42080e8ad098261b7f10626f1a  2010.0/x86_64/lib64user1-0.56.11-1.1mdv2010.0.x86_64.rpm
 e2f2f311c3e00680b68f40e5189f4b3f  2010.0/x86_64/lib64user-devel-0.56.11-1.1mdv2010.0.x86_64.rpm
 491f4e0c92f99e68ab2ba60dd969e10d  2010.0/x86_64/libuser-0.56.11-1.1mdv2010.0.x86_64.rpm
 f63768ddb727e3bf9b201756747e4f5e  2010.0/x86_64/libuser-ldap-0.56.11-1.1mdv2010.0.x86_64.rpm
 74fa01df91da0fd1b9d37a7bcd91116d  2010.0/x86_64/libuser-python-0.56.11-1.1mdv2010.0.x86_64.rpm 
 2694df315cb32a260064d024722beec9  2010.0/SRPMS/libuser-0.56.11-1.1mdv2010.0.src.rpm

2010.1 i586

 5c942ad8edeaea55a2091479838f602f  2010.1/i586/libuser-0.56.15-3.1mdv2010.2.i586.rpm
 6f3c60d4bdc1acb67a5ac4e4593c7610  2010.1/i586/libuser1-0.56.15-3.1mdv2010.2.i586.rpm
 191f919d23e87ed4108691778c34f082  2010.1/i586/libuser-devel-0.56.15-3.1mdv2010.2.i586.rpm
 b89cb7b101b523807d5b78aba657a724  2010.1/i586/libuser-ldap-0.56.15-3.1mdv2010.2.i586.rpm
 1d6e2b68af335fc1ad493d96854d3df9  2010.1/i586/libuser-python-0.56.15-3.1mdv2010.2.i586.rpm 
 9e651f9eeb0978d060ad26e254c11b64  2010.1/SRPMS/libuser-0.56.15-3.1mdv2010.2.src.rpm

2010.0 i586

 1390c942454ebf498ce5567283850e7e  2010.0/i586/libuser-0.56.11-1.1mdv2010.0.i586.rpm
 054618569e80a6e1767d5e6529399d23  2010.0/i586/libuser1-0.56.11-1.1mdv2010.0.i586.rpm
 1190320b655c4187f7fded7db74faed3  2010.0/i586/libuser-devel-0.56.11-1.1mdv2010.0.i586.rpm
 ba9f0a4af374c840a953de2ac46c80fb  2010.0/i586/libuser-ldap-0.56.11-1.1mdv2010.0.i586.rpm
 41cc3b8d5a823e4a704cfb282fa9c76a  2010.0/i586/libuser-python-0.56.11-1.1mdv2010.0.i586.rpm 
 2694df315cb32a260064d024722beec9  2010.0/SRPMS/libuser-0.56.11-1.1mdv2010.0.src.rpm

2009.0 i586

 ca70c36b0b0d92777fd018d6f3cdd6e2  2009.0/i586/libuser-0.56.9-2.1mdv2009.0.i586.rpm
 43123c3c58d55604307834fd7ada929c  2009.0/i586/libuser1-0.56.9-2.1mdv2009.0.i586.rpm
 f3cfd126ba0c48a73462950fc50588de  2009.0/i586/libuser-devel-0.56.9-2.1mdv2009.0.i586.rpm
 fa5bb059a1d0dd7d58b1d7057e5c0f7f  2009.0/i586/libuser-ldap-0.56.9-2.1mdv2009.0.i586.rpm
 508e8b5bb1fd7e40f078842198f0f7e3  2009.0/i586/libuser-python-0.56.9-2.1mdv2009.0.i586.rpm 
 6195ca448d84b938fe21d1f2edf1378f  2009.0/SRPMS/libuser-0.56.9-2.1mdv2009.0.src.rpm

CS4.0 i586

 9070225e84b5ec4c97728927d58b9434  corporate/4.0/i586/libuser-0.53.2-6.1.20060mlcs4.i586.rpm
 3fca7372f85b38bfb55a9e1e10c75ec0  corporate/4.0/i586/libuser1-0.53.2-6.1.20060mlcs4.i586.rpm
 7ffeb054b227ea45e44bacbcd7438a53  corporate/4.0/i586/libuser1-devel-0.53.2-6.1.20060mlcs4.i586.rpm
 5024fc1f8f479523de5df0123e11fe89  corporate/4.0/i586/libuser-ldap-0.53.2-6.1.20060mlcs4.i586.rpm
 30d7fa230a2f47e325ea375e70752e19  corporate/4.0/i586/libuser-python-0.53.2-6.1.20060mlcs4.i586.rpm 
 f1682ded4b626754df6cc6473188a67a  corporate/4.0/SRPMS/libuser-0.53.2-6.1.20060mlcs4.src.rpm

CS4.0 x86_64

 c0b394abc4fa5166486f04144d2608bb  corporate/4.0/x86_64/lib64user1-0.53.2-6.1.20060mlcs4.x86_64.rpm
 88a8eeeebf4ab9858a92a49cc64ea473  corporate/4.0/x86_64/lib64user1-devel-0.53.2-6.1.20060mlcs4.x86_64.rpm
 338cc3bd6928f941e500894a0f4fd2ec  corporate/4.0/x86_64/libuser-0.53.2-6.1.20060mlcs4.x86_64.rpm
 277e2f281f1bdc3d7eab6df61353622d  corporate/4.0/x86_64/libuser-ldap-0.53.2-6.1.20060mlcs4.x86_64.rpm
 f2f6ee658734f4b99c6c2aca5f6555ec  corporate/4.0/x86_64/libuser-python-0.53.2-6.1.20060mlcs4.x86_64.rpm 
 f1682ded4b626754df6cc6473188a67a  corporate/4.0/SRPMS/libuser-0.53.2-6.1.20060mlcs4.src.rpm

MES5 x86_64

 e4b5455914906b5e4a02f4e0bcc2cf84  mes5/x86_64/lib64user1-0.56.9-2.1mdvmes5.1.x86_64.rpm
 6c48c50ddcac7db31866e4f0564c8b02  mes5/x86_64/lib64user-devel-0.56.9-2.1mdvmes5.1.x86_64.rpm
 1bde510f65afa24f88a736fd6ce80792  mes5/x86_64/libuser-0.56.9-2.1mdvmes5.1.x86_64.rpm
 2599076762dd6552b0d873fa883b3256  mes5/x86_64/libuser-ldap-0.56.9-2.1mdvmes5.1.x86_64.rpm
 52f2f33b577bbac0be8fdcbb8548a627  mes5/x86_64/libuser-python-0.56.9-2.1mdvmes5.1.x86_64.rpm 
 4737264ba1e04fd2113929a3a870bc7a  mes5/SRPMS/libuser-0.56.9-2.1mdvmes5.1.src.rpm

2010.1 x86_64

 45205a3cf4cf90c8fc45bfb5b3f544ed  2010.1/x86_64/lib64user1-0.56.15-3.1mdv2010.2.x86_64.rpm
 b90aab76a88221ed42dfa51272294d91  2010.1/x86_64/lib64user-devel-0.56.15-3.1mdv2010.2.x86_64.rpm
 8c1dbfacfe98699d30d1b6c3e83b966e  2010.1/x86_64/libuser-0.56.15-3.1mdv2010.2.x86_64.rpm
 68294d567786b431654d1b7ec0850214  2010.1/x86_64/libuser-ldap-0.56.15-3.1mdv2010.2.x86_64.rpm
 1b12f17a64c7df7840fbd81f8657c979  2010.1/x86_64/libuser-python-0.56.15-3.1mdv2010.2.x86_64.rpm 
 9e651f9eeb0978d060ad26e254c11b64  2010.1/SRPMS/libuser-0.56.15-3.1mdv2010.2.src.rpm

Referências