[USN-670-1] VMBuilder vulnerability
Date: Thu, 13 Nov 2008 20:11:17 -0600
From: Jamie Strandboge <jamie@canonical.com.>
To: [email protected]
Subject: [USN-670-1] VMBuilder vulnerability
Message-ID: <20081114021117.GA4736@severus.strandboge.com.>
Reply-To: Jamie Strandboge <jamie@canonical.com.>

Ubuntu Security Notice USN-670-1 November 13, 2008
vm-builder vulnerability
https://bugs.launchpad.net/+bug/296841

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.10
Ubuntu 8.04 LTS
Ubuntu 8.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  passwd 1:4.0.13-7ubuntu3.3

Ubuntu 7.10:
  passwd 1:4.0.18.1-9ubuntu0.1

Ubuntu 8.04 LTS:
  passwd 1:4.0.18.2-1ubuntu2.1

Ubuntu 8.10:
  passwd 1:4.1.1-1ubuntu1.1
  python-vm-builder 0.9-0ubuntu3.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Mathias Gug discovered that vm-builder improperly set the root
password when creating virtual machines. An attacker could exploit
this to gain root privileges to the virtual machine by using a
predictable password.

This vulnerability only affects virtual machines created with
vm-builder under Ubuntu 8.10, and does not affect native Ubuntu
installations. An update was made to the shadow package to detect
vulnerable systems and disable password authentication for the
root account. Vulnerable virtual machines which an attacker has
access to should be considered compromised, and appropriate actions
taken to secure the machine.
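
An added example, not part of the advisory or of the Ubuntu packages: one way to triage guests built with vm-builder by inspecting the root entry in each guest's shadow(5) file. `KNOWN_BAD_HASH` is a placeholder (the advisory does not publish the hash), the function names are hypothetical, and the lock is assumed to be recorded the way `passwd -l` records it, with a leading `!`.

```shell
#!/bin/sh
# Added example, not from the advisory: triage the root entry of shadow(5)
# files taken from vm-builder guests (for example, from mounted disk images).

# Placeholder: the advisory does not publish the predictable hash. Set this to
# the value from your own vendor-confirmed source before use.
KNOWN_BAD_HASH=${KNOWN_BAD_HASH:-'PLACEHOLDER_PREDICTABLE_ROOT_HASH'}

# root_pw_state FILE
# Prints one state for the root account:
#   missing           no root entry
#   empty             empty password field
#   known-bad         password login enabled with the predictable hash
#   locked-known-bad  predictable hash present but locked with a leading '!'
#   locked            password login disabled ('!' or '*' prefix)
#   password-set      some other hash, password login enabled
root_pw_state() {
    entry=$(awk -F: '$1 == "root" { print; exit }' "$1")
    [ -n "$entry" ] || { echo missing; return 0; }
    field=$(printf '%s\n' "$entry" | cut -d: -f2)
    case "$field" in
        '')                   echo empty ;;
        "$KNOWN_BAD_HASH")    echo known-bad ;;
        '!'"$KNOWN_BAD_HASH") echo locked-known-bad ;;
        '!'*|'*'*)            echo locked ;;
        *)                    echo password-set ;;
    esac
}

# audit_guests FILE...
# Reports each file's state; returns 1 if any guest was built with the
# predictable password (still enabled or since locked), else 0.
audit_guests() {
    rc=0
    for f in "$@"; do
        state=$(root_pw_state "$f")
        printf '%s: %s\n' "$f" "$state"
        case "$state" in
            known-bad|locked-known-bad) rc=1 ;;
        esac
    done
    return "$rc"
}
```

A `locked-known-bad` result means the guest was created with the predictable password even though password login is now disabled, so the advisory's guidance on treating exposed guests as compromised still applies to it.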