On Mon, Apr 03, 2006 at 10:59:32PM +0200, Matteo Croce wrote: > Package: passwd > Version: 1:4.0.14-9 > Severity: critical > Tags: security > Justification: root security hole > > Just press ^D instead of the new password and passwd will segfaults. > I think that this is grave because it's set uid root.
Interestingly this only happens upon my Sid machine. Upon Sarge it works as expected: [EMAIL PROTECTED]:~$ passwd Changing password for skx (current) UNIX password: Enter new UNIX password: Retype new UNIX password: No password supplied Enter new UNIX password: Retype new UNIX password: No password supplied Enter new UNIX password: Retype new UNIX password: No password supplied passwd: Authentication token manipulation error On unstable it behaves as you describe: [EMAIL PROTECTED]:~$ passwd Changing password for skx (current) UNIX password: Enter new UNIX password: Retype new UNIX password: Segmentation fault Under gdb I see this: Retype new UNIX password: Program received signal SIGSEGV, Segmentation fault. 0xb7d815eb in pam_sm_chauthtok () from /lib/security/pam_unix.so (gdb) bt #0 0xb7d815eb in pam_sm_chauthtok () from /lib/security/pam_unix.so #1 0xb7fa9a9a in _pam_dispatch () from /lib/libpam.so.0 #2 0xb7fabfa3 in pam_chauthtok () from /lib/libpam.so.0 #3 0x0804b1df in ?? () #4 0x08052388 in ?? () #5 0x00000000 in ?? () Unfortunately I don't have time tonight to investigate, but it looks like it is a pam_unix.so / libpam.so bug, rather than a passwd bug. Steve -- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
