USN-955-2: libpam-opie vulnerability
21 June 2010
Releases
Packages
Details
USN-955-1 fixed vulnerabilities in OPIE. This update provides rebuilt
libpam-opie packages against the updated libopie library.
Original advisory details:
Maksymilian Arciemowicz and Adam Zabrocki discovered that OPIE incorrectly
handled long usernames. A remote attacker could exploit this with a crafted
username and make applications linked against libopie crash, leading to a
denial of service.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 9.10
Ubuntu 9.04
Ubuntu 10.04
In general, a standard system update will make all the necessary changes.
References
Related notices
- USN-955-1: opie, libopie-dev