[Pkg-shadow-devel] Bug#360657: passwd SIGSEGV on empty password

Matteo Croce rootkit85 at yahoo.it
Mon Apr 3 20:59:32 UTC 2006


Package: passwd
Version: 1:4.0.14-9
Severity: critical
Tags: security
Justification: root security hole

Just press ^D instead of the new password and passwd will segfault.
I think that this is grave because it's set uid root.

$ passwd
Changing password for matteo
(current) UNIX password:
Enter new UNIX password:^D
Retype new UNIX password:^D
Segmentation fault
[~]$

Cheers,
Matteo Croce

-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (990, 'testing'), (50, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/dash
Kernel: Linux 2.6.16
Locale: LANG=it_IT@euro, LC_CTYPE=it_IT@euro (charmap=ISO-8859-15)

Versions of packages passwd depends on:
ii  debianutils                   2.15.3     Miscellaneous utilities specific t
ii  libc6                         2.3.6-4    GNU C Library: Shared libraries an
ii  libpam-modules                0.79-3.1   Pluggable Authentication Modules f
ii  libpam0g                      0.79-3.1   Pluggable Authentication Modules l
ii  libselinux1                   1.30-1     SELinux shared libraries
ii  login                         1:4.0.14-9 system login tools

passwd recommends no packages.

-- debconf information excluded



