[Nsspampgsql-devel] Bug#551389: libnss-pgsql2: Public auth info in the nss-pgsql.conf allows Denial-of-Service attack to NSS
Denis Feklushkin
denis.feklushkin at gmail.com
Sat Oct 17 22:18:34 UTC 2009
Package: libnss-pgsql2
Version: 1.4.0debian-2
Severity: important
Any local user can completely disable NSS resolution via the DB by changing the
database password.
Unlike MySQL, PostgreSQL does not allow creating a user ("role") that has no ability to change its own password (a so-called "anonymous user").
Thus, any local user can obtain the password from /etc/nss-pgsql.conf and change it, and access to the DB will be broken.
-- System Information:
Debian Release: squeeze/sid
APT prefers stable
APT policy: (990, 'stable'), (500, 'proposed-updates'), (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.30-1-686 (SMP w/1 CPU core)
Locale: LANG=ru_RU.utf8, LC_CTYPE=ru_RU.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages libnss-pgsql2 depends on:
ii libc6 2.9-25 GNU C Library: Shared libraries
ii libpq5 8.4.1-1 PostgreSQL C client library
libnss-pgsql2 recommends no packages.
Versions of packages libnss-pgsql2 suggests:
ii libpam-pgsql 0.6.3-2 PAM module to authenticate using a
ii nscd 2.9-25 GNU C Library: Name Service Cache
-- debconf-show failed
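As an added audit example (not part of the bug report or of the libnss-pgsql package): a Python check that flags the condition the report describes, a PostgreSQL password embedded in a world-readable nss-pgsql.conf. The `connectionstring` key carrying a libpq conninfo string is assumed from libnss-pgsql's configuration format; the host, role and password values are constructed.

```python
import os
import re
import stat
import tempfile

# Constructed sample in the style of /etc/nss-pgsql.conf. The "connectionstring"
# key holding a libpq conninfo string is assumed from libnss-pgsql's config
# format; the password and host values are made up for this example.
WEAK_CONF = (
    "connectionstring = hostaddr=127.0.0.1 dbname=unix user=nss "
    "password=Sup3rSecret connect_timeout=1\n"
    "getpwnam = SELECT username, passwd, gecos, homedir, shell, uid, gid "
    "FROM passwd_table WHERE username = $1\n"
)
# Same file with the password removed: authentication must then come from
# pg_hba.conf (e.g. peer/ident for a local role) instead of a shared secret.
HARDENED_CONF = WEAK_CONF.replace("password=Sup3rSecret ", "")

_CONNINFO_RE = re.compile(r"(\w+)\s*=\s*('(?:[^'\\]|\\.)*'|\S+)")

def parse_conninfo(conninfo: str) -> dict:
    """Split a libpq keyword=value string into a dict (quotes stripped)."""
    return {k: v.strip("'") for k, v in _CONNINFO_RE.findall(conninfo)}

def audit_conf(path: str) -> list:
    """Report a DB password that every local user can read from the config."""
    findings = []
    world_readable = bool(os.stat(path).st_mode & stat.S_IROTH)
    with open(path) as fh:
        for line in fh:
            key, sep, value = line.partition("=")
            if sep and key.strip() == "connectionstring":
                if "password" in parse_conninfo(value.strip()):
                    findings.append("password embedded in connectionstring")
                    if world_readable:
                        findings.append(
                            "config is world-readable: any local user can read "
                            "the DB password and change it, breaking NSS lookups")
    return findings

def audit_sample(contents: str, mode: int = 0o644) -> list:
    """Write a constructed config with the given mode and audit it."""
    fd, path = tempfile.mkstemp()
    try:
        os.write(fd, contents.encode())
        os.close(fd)
        os.chmod(path, mode)
        return audit_conf(path)
    finally:
        os.unlink(path)
```

Running `audit_sample(WEAK_CONF)` reports both findings, `audit_sample(WEAK_CONF, 0o600)` only the embedded password, and `audit_sample(HARDENED_CONF)` nothing.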