Debian update for shadow - Advisories

Software Inspectors

	Scan Online

	Personal (PSI)

	Network (NSI 2.0)

Solutions For

	Security Professionals

	Security Vendors

Free Solutions For

	Open Communities

	Journalists & Media

Secunia Advisories

	Search

	Historic Advisories

	Listed By Product

	Listed By Vendor

	Statistics / Graphs

	Secunia Research

	Report Vulnerability

	About Advisories

Virus Information

	Chronological List

	Last 10 Virus Alerts

	About Virus Information

Secunia Customers

	Customer Area

Debian update for shadow

Secunia Advisory:	SA21480
Release Date:	2006-08-14
Last Update:	2006-08-17

Critical:	Less critical
Impact:	Privilege escalation
Where:	Local system
Solution Status:	Vendor Patch

OS:	Debian GNU/Linux 3.1 Debian GNU/Linux unstable alias sid


CVE reference:	CVE-2006-3378 (Secunia mirror)

	Want to know the next time vulnerabilities are fixed in this product? - Companies can be alerted via email and SMS!

Description: Debian has issued an update for shadow. This fixes a security issue, which potentially can be exploited by malicious, local users to perform certain actions with escalated privileges. For more information: SA20963 Solution: Apply updated packages. -- Debian GNU/Linux 3.1 alias sarge -- Source archives: http://security.debian.org/pool/updates/main/s/shadow/shadow_4.0.3-31sarge8.dsc Size/MD5 checksum: 839 41bfb3755b2ce8757503ddacdc16ce2e http://security.debian.org/pool/updat.../shadow/shadow_4.0.3-31sarge8.diff.gz Size/MD5 checksum: 1319891 37ff81fdb6257fd5fbf0dac750994a17 http://security.debian.org/pool/updates/main/s/shadow/shadow_4.0.3.orig.tar.gz Size/MD5 checksum: 1045704 b52dfb2e5e8d9a4a2aae0ca1b266c513 Alpha architecture: http://security.debian.org/pool/updat...shadow/login_4.0.3-31sarge8_alpha.deb Size/MD5 checksum: 592990 fc32b98aaa86270b24ffcbcc628c6b53 http://security.debian.org/pool/updat...hadow/passwd_4.0.3-31sarge8_alpha.deb Size/MD5 checksum: 693290 df12c75d0cb8a4ed74cf3d9b9a42b544 AMD64 architecture: http://security.debian.org/pool/updat...shadow/login_4.0.3-31sarge8_amd64.deb Size/MD5 checksum: 583790 a6fa0e91cff19cce477ffa2ef9c15a51 http://security.debian.org/pool/updat...hadow/passwd_4.0.3-31sarge8_amd64.deb Size/MD5 checksum: 598818 bd00af826eb416d84a806d3b85aae20a ARM architecture: http://security.debian.org/pool/updat...s/shadow/login_4.0.3-31sarge8_arm.deb Size/MD5 checksum: 573182 ff4ee5cfa0a41db6b0d3828b85791eb1 http://security.debian.org/pool/updat.../shadow/passwd_4.0.3-31sarge8_arm.deb Size/MD5 checksum: 524146 b3163af303b9325b8b3fbd17847d5510 Intel IA-32 architecture: http://security.debian.org/pool/updat.../shadow/login_4.0.3-31sarge8_i386.deb Size/MD5 checksum: 575962 da7d31edbc2ae8efa062efceb7412403 http://security.debian.org/pool/updat...shadow/passwd_4.0.3-31sarge8_i386.deb Size/MD5 checksum: 528482 674bc0f5a55b5a9c089776946881912e Intel IA-64 architecture: http://security.debian.org/pool/updat.../shadow/login_4.0.3-31sarge8_ia64.deb Size/MD5 checksum: 602812 6d5bf5529766f141197e06526ad89e03 http://security.debian.org/pool/updat...shadow/passwd_4.0.3-31sarge8_ia64.deb Size/MD5 checksum: 757510 ee72e952ae6a72ad1bb43926736fc524 HP Precision architecture: http://security.debian.org/pool/updat.../shadow/login_4.0.3-31sarge8_hppa.deb Size/MD5 checksum: 583126 6a6fe662ce9b70b105445287f7de8350 http://security.debian.org/pool/updat...shadow/passwd_4.0.3-31sarge8_hppa.deb Size/MD5 checksum: 573358 52982450016009a1d105026df2ed9476 Motorola 680x0 architecture: http://security.debian.org/pool/updat.../shadow/login_4.0.3-31sarge8_m68k.deb Size/MD5 checksum: 571880 95318dd38be1768f37870ef76772d468 http://security.debian.org/pool/updat...shadow/passwd_4.0.3-31sarge8_m68k.deb Size/MD5 checksum: 512466 84bb5dfc7a00b48331d16135659ce4b1 Big endian MIPS architecture: http://security.debian.org/pool/updat.../shadow/login_4.0.3-31sarge8_mips.deb Size/MD5 checksum: 588494 9fe712af58492605236207221ca86cbf http://security.debian.org/pool/updat...shadow/passwd_4.0.3-31sarge8_mips.deb Size/MD5 checksum: 656588 bcc61369a7b7d26c0f2deae3fcea169b Little endian MIPS architecture: http://security.debian.org/pool/updat...hadow/login_4.0.3-31sarge8_mipsel.deb Size/MD5 checksum: 587674 9d4ab58720cbeff9e77ca5e543092cfd http://security.debian.org/pool/updat...adow/passwd_4.0.3-31sarge8_mipsel.deb Size/MD5 checksum: 654250 1ddb102ea0773af194c5ac4198d91b14 PowerPC architecture: http://security.debian.org/pool/updat...adow/login_4.0.3-31sarge8_powerpc.deb Size/MD5 checksum: 583558 43a88fc71b1d49d0fa369008f683bf6a http://security.debian.org/pool/updat...dow/passwd_4.0.3-31sarge8_powerpc.deb Size/MD5 checksum: 565848 cb039cc1d7d3b3b2197336b246a005a4 IBM S/390 architecture: http://security.debian.org/pool/updat.../shadow/login_4.0.3-31sarge8_s390.deb Size/MD5 checksum: 583082 d2bc93a93d9c8d558e9928267ebcbf36 http://security.debian.org/pool/updat...shadow/passwd_4.0.3-31sarge8_s390.deb Size/MD5 checksum: 578882 983719b3c73ce360585e49a38ba2f2e1 Sun Sparc architecture: http://security.debian.org/pool/updat...shadow/login_4.0.3-31sarge8_sparc.deb Size/MD5 checksum: 575736 1d138fefdee9b5714f002ec0dd56b7f7 http://security.debian.org/pool/updat...hadow/passwd_4.0.3-31sarge8_sparc.deb Size/MD5 checksum: 532128 96efe104eae8a228474a5d456c3b2907 -- Debian GNU/Linux unstable alias sid -- Fixed in version 4.0.17-2. Provided and/or discovered by: 2006-08-17: Updated CVE reference. Original Advisory: http://www.us.debian.org/security/2006/dsa-1150 Other References: SA20963: http://secunia.com/advisories/20963/



Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise. Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

1212 Related Secunia Security Advisories, displaying 10

1. Debian update for postfix

2. Debian update for pdns

3. Debian update for httracker

4. Debian update for opensc

5. Debian update for cupsys

6. Debian update for libxslt

7. Debian update for newsx

8. Debian update for ruby1.9

9. Debian update for python2.5

10. Debian update for icedove

Show all related advisories

Send Feedback to Secunia

If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com. Ideas, suggestions, and other feedback are most welcome.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Opera Multiple Vulnerabilities

2.	vBulletin Private Message Subject Script Insertion

3.	Microsoft Access Snapshot Viewer ActiveX Control Vulnerability

4.	Microsoft Office Filters Multiple Vulnerabilities

5.	Folder Lock Weak Password Encryption Security Issue

6.	rPath update for kernel and xen

7.	neon "parse_domain() " Denial of Service Vulnerability

8.	Programs Rating "id" SQL Injection Vulnerability

9.	SunShop Shopping Cart class.ajax.php SQL Injection Vulnerabilities

10.	Anzio Web Print Object (WePO) ActiveX Component "mainurl" Buffer Overflow