Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:25558
HistoryJan 27, 2011 - 12:00 a.m.

[ MDVSA-2011:019 ] libuser

2011-01-2700:00:00
vulners.com
12
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mandriva Linux Security Advisory MDVSA-2011:019
http://www.mandriva.com/security/

Package : libuser
Date : January 26, 2011
Affected: 2009.0, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0

Problem Description:

A vulnerability has been found and corrected in libuser:

libuser before 0.57 uses a cleartext password value of (1) !! or (2) x
for new LDAP user accounts, which makes it easier for remote attackers
to obtain access by specifying one of these values (CVE-2011-0002).

Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct this issue.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0002

Updated Packages:

Mandriva Linux 2009.0:
ca70c36b0b0d92777fd018d6f3cdd6e2 2009.0/i586/libuser-0.56.9-2.1mdv2009.0.i586.rpm
43123c3c58d55604307834fd7ada929c
2009.0/i586/libuser1-0.56.9-2.1mdv2009.0.i586.rpm
f3cfd126ba0c48a73462950fc50588de
2009.0/i586/libuser-devel-0.56.9-2.1mdv2009.0.i586.rpm
fa5bb059a1d0dd7d58b1d7057e5c0f7f
2009.0/i586/libuser-ldap-0.56.9-2.1mdv2009.0.i586.rpm
508e8b5bb1fd7e40f078842198f0f7e3
2009.0/i586/libuser-python-0.56.9-2.1mdv2009.0.i586.rpm
6195ca448d84b938fe21d1f2edf1378f 2009.0/SRPMS/libuser-0.56.9-2.1mdv2009.0.src.rpm

Mandriva Linux 2009.0/X86_64:
7c97f6e1a82f6674873388e6c2ccb235
2009.0/x86_64/lib64user1-0.56.9-2.1mdv2009.0.x86_64.rpm
37abe1149c3e6e602cfd1e9621e03e82
2009.0/x86_64/lib64user-devel-0.56.9-2.1mdv2009.0.x86_64.rpm
5e46fc7dd4d31d6a05f221b14899109c
2009.0/x86_64/libuser-0.56.9-2.1mdv2009.0.x86_64.rpm
8a5e9ae3b52cca038070b411eb38b870
2009.0/x86_64/libuser-ldap-0.56.9-2.1mdv2009.0.x86_64.rpm
f42063e6d27cad1685d9b66021e8328e
2009.0/x86_64/libuser-python-0.56.9-2.1mdv2009.0.x86_64.rpm
6195ca448d84b938fe21d1f2edf1378f 2009.0/SRPMS/libuser-0.56.9-2.1mdv2009.0.src.rpm

Mandriva Linux 2010.0:
1390c942454ebf498ce5567283850e7e
2010.0/i586/libuser-0.56.11-1.1mdv2010.0.i586.rpm
054618569e80a6e1767d5e6529399d23
2010.0/i586/libuser1-0.56.11-1.1mdv2010.0.i586.rpm
1190320b655c4187f7fded7db74faed3
2010.0/i586/libuser-devel-0.56.11-1.1mdv2010.0.i586.rpm
ba9f0a4af374c840a953de2ac46c80fb
2010.0/i586/libuser-ldap-0.56.11-1.1mdv2010.0.i586.rpm
41cc3b8d5a823e4a704cfb282fa9c76a
2010.0/i586/libuser-python-0.56.11-1.1mdv2010.0.i586.rpm
2694df315cb32a260064d024722beec9
2010.0/SRPMS/libuser-0.56.11-1.1mdv2010.0.src.rpm

Mandriva Linux 2010.0/X86_64:
85d05e42080e8ad098261b7f10626f1a
2010.0/x86_64/lib64user1-0.56.11-1.1mdv2010.0.x86_64.rpm
e2f2f311c3e00680b68f40e5189f4b3f
2010.0/x86_64/lib64user-devel-0.56.11-1.1mdv2010.0.x86_64.rpm
491f4e0c92f99e68ab2ba60dd969e10d
2010.0/x86_64/libuser-0.56.11-1.1mdv2010.0.x86_64.rpm
f63768ddb727e3bf9b201756747e4f5e
2010.0/x86_64/libuser-ldap-0.56.11-1.1mdv2010.0.x86_64.rpm
74fa01df91da0fd1b9d37a7bcd91116d
2010.0/x86_64/libuser-python-0.56.11-1.1mdv2010.0.x86_64.rpm
2694df315cb32a260064d024722beec9
2010.0/SRPMS/libuser-0.56.11-1.1mdv2010.0.src.rpm

Mandriva Linux 2010.1:
5c942ad8edeaea55a2091479838f602f
2010.1/i586/libuser-0.56.15-3.1mdv2010.2.i586.rpm
6f3c60d4bdc1acb67a5ac4e4593c7610
2010.1/i586/libuser1-0.56.15-3.1mdv2010.2.i586.rpm
191f919d23e87ed4108691778c34f082
2010.1/i586/libuser-devel-0.56.15-3.1mdv2010.2.i586.rpm
b89cb7b101b523807d5b78aba657a724
2010.1/i586/libuser-ldap-0.56.15-3.1mdv2010.2.i586.rpm
1d6e2b68af335fc1ad493d96854d3df9
2010.1/i586/libuser-python-0.56.15-3.1mdv2010.2.i586.rpm
9e651f9eeb0978d060ad26e254c11b64
2010.1/SRPMS/libuser-0.56.15-3.1mdv2010.2.src.rpm

Mandriva Linux 2010.1/X86_64:
45205a3cf4cf90c8fc45bfb5b3f544ed
2010.1/x86_64/lib64user1-0.56.15-3.1mdv2010.2.x86_64.rpm
b90aab76a88221ed42dfa51272294d91
2010.1/x86_64/lib64user-devel-0.56.15-3.1mdv2010.2.x86_64.rpm
8c1dbfacfe98699d30d1b6c3e83b966e
2010.1/x86_64/libuser-0.56.15-3.1mdv2010.2.x86_64.rpm
68294d567786b431654d1b7ec0850214
2010.1/x86_64/libuser-ldap-0.56.15-3.1mdv2010.2.x86_64.rpm
1b12f17a64c7df7840fbd81f8657c979
2010.1/x86_64/libuser-python-0.56.15-3.1mdv2010.2.x86_64.rpm
9e651f9eeb0978d060ad26e254c11b64
2010.1/SRPMS/libuser-0.56.15-3.1mdv2010.2.src.rpm

Corporate 4.0:
9070225e84b5ec4c97728927d58b9434
corporate/4.0/i586/libuser-0.53.2-6.1.20060mlcs4.i586.rpm
3fca7372f85b38bfb55a9e1e10c75ec0
corporate/4.0/i586/libuser1-0.53.2-6.1.20060mlcs4.i586.rpm
7ffeb054b227ea45e44bacbcd7438a53
corporate/4.0/i586/libuser1-devel-0.53.2-6.1.20060mlcs4.i586.rpm
5024fc1f8f479523de5df0123e11fe89
corporate/4.0/i586/libuser-ldap-0.53.2-6.1.20060mlcs4.i586.rpm
30d7fa230a2f47e325ea375e70752e19
corporate/4.0/i586/libuser-python-0.53.2-6.1.20060mlcs4.i586.rpm
f1682ded4b626754df6cc6473188a67a
corporate/4.0/SRPMS/libuser-0.53.2-6.1.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
c0b394abc4fa5166486f04144d2608bb
corporate/4.0/x86_64/lib64user1-0.53.2-6.1.20060mlcs4.x86_64.rpm
88a8eeeebf4ab9858a92a49cc64ea473
corporate/4.0/x86_64/lib64user1-devel-0.53.2-6.1.20060mlcs4.x86_64.rpm
338cc3bd6928f941e500894a0f4fd2ec
corporate/4.0/x86_64/libuser-0.53.2-6.1.20060mlcs4.x86_64.rpm
277e2f281f1bdc3d7eab6df61353622d
corporate/4.0/x86_64/libuser-ldap-0.53.2-6.1.20060mlcs4.x86_64.rpm
f2f6ee658734f4b99c6c2aca5f6555ec
corporate/4.0/x86_64/libuser-python-0.53.2-6.1.20060mlcs4.x86_64.rpm
f1682ded4b626754df6cc6473188a67a
corporate/4.0/SRPMS/libuser-0.53.2-6.1.20060mlcs4.src.rpm

Mandriva Enterprise Server 5:
08fd1e0c14e5c86e418a23ad27401482 mes5/i586/libuser-0.56.9-2.1mdvmes5.1.i586.rpm
36eddbc333424b33c449b8d1c3befc7d mes5/i586/libuser1-0.56.9-2.1mdvmes5.1.i586.rpm
2279332ac99a92a8887466261723fc35
mes5/i586/libuser-devel-0.56.9-2.1mdvmes5.1.i586.rpm
1e86f7af7fa2319faa4b4325ecf50af1
mes5/i586/libuser-ldap-0.56.9-2.1mdvmes5.1.i586.rpm
c8797fd70e4bac0fad491dbc637c1bed
mes5/i586/libuser-python-0.56.9-2.1mdvmes5.1.i586.rpm
4737264ba1e04fd2113929a3a870bc7a mes5/SRPMS/libuser-0.56.9-2.1mdvmes5.1.src.rpm

Mandriva Enterprise Server 5/X86_64:
e4b5455914906b5e4a02f4e0bcc2cf84
mes5/x86_64/lib64user1-0.56.9-2.1mdvmes5.1.x86_64.rpm
6c48c50ddcac7db31866e4f0564c8b02
mes5/x86_64/lib64user-devel-0.56.9-2.1mdvmes5.1.x86_64.rpm
1bde510f65afa24f88a736fd6ce80792
mes5/x86_64/libuser-0.56.9-2.1mdvmes5.1.x86_64.rpm
2599076762dd6552b0d873fa883b3256
mes5/x86_64/libuser-ldap-0.56.9-2.1mdvmes5.1.x86_64.rpm
52f2f33b577bbac0be8fdcbb8548a627
mes5/x86_64/libuser-python-0.56.9-2.1mdvmes5.1.x86_64.rpm
4737264ba1e04fd2113929a3a870bc7a mes5/SRPMS/libuser-0.56.9-2.1mdvmes5.1.src.rpm

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFNQCRpmqjQ0CJFipgRAlCPAKCnhM95ruMCqhmlagQtf74j8JZF7ACfcIaO
oWiDxxTET0vgcarHfwgKBAs=
=q2du
-----END PGP SIGNATURE-----

Related

fedora 2
openvas 18
securityvulns 1
nessus 9
prion 1
cve 1
f5 2
oraclelinux 1
veracode 1
ubuntucve 1
debiancve 1
redhat 1
centos 1
vmware 2
fedora
fedora
[SECURITY] Fedora 14 Update: libuser-0.56.18-3.fc14
2011-01-21 23:06:23
[SECURITY] Fedora 13 Update: libuser-0.56.16-1.fc13.2
2011-01-22 20:26:39
openvas
openvas
CentOS Update for libuser CESA-2011:0170 centos5 x86_64
2012-07-30 00:00:00
CentOS Update for libuser CESA-2011:0170 centos4 i386
2011-02-11 00:00:00
Fedora Update for libuser FEDORA-2011-0320
2011-01-24 00:00:00
securityvulns
securityvulns
libuser weal passwords
2011-01-27 00:00:00
nessus
nessus
Fedora 13 : libuser-0.56.16-1.fc13.2 (2011-0320)
2011-01-24 00:00:00
Mandriva Linux Security Advisory : libuser (MDVSA-2011:019)
2011-01-28 00:00:00
Fedora 14 : libuser-0.56.18-3.fc14 (2011-0316)
2011-01-24 00:00:00
prion
prion
Default credentials
2011-01-22 22:00:00
cve
cve
CVE-2011-0002
2011-01-22 22:00:00
f5
f5
K16877 : libuser vulnerability CVE-2011-0002
2015-07-02 00:00:00
SOL16877 - libuser vulnerability CVE-2011-0002
2015-07-02 00:00:00
oraclelinux
oraclelinux
libuser security update
2011-01-20 00:00:00
veracode
veracode
Authentication Bypass
2020-04-10 00:55:59
ubuntucve
ubuntucve
CVE-2011-0002
2011-01-22 00:00:00
debiancve
debiancve
CVE-2011-0002
2011-01-22 22:00:00
redhat
redhat
(RHSA-2011:0170) Moderate: libuser security update
2011-01-20 00:00:00
centos
centos
libuser security update
2011-02-04 10:41:22
vmware
vmware
VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
2011-10-27 00:00:00
VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
2011-10-27 00:00:00
JSON
Related for SECURITYVULNS:DOC:25558
fedora2openvas18securityvulns1nessus9prion1cve1f52oraclelinux1veracode1ubuntucve1debiancve1redhat1centos1vmware2