Public bug reported:
Running the attached PHP program with a correct username and password
gives:
1: 1:
ALERT - canary mismatch on efree() - heap overflow detected (attacker
'REMOTE_ADDR not set', file 'unknown')
strace shows it uses /etc/pam.d/other, which just includes the common-*
setups, which in my case is a standard pam_ldap setup.
$ apt-cache policy php5-auth-pam
php5-auth-pam:
  Installed: 0.4-10
  Candidate: 0.4-10
  Version table:
 *** 0.4-10 0
        500 http://gb.archive.ubuntu.com jaunty/universe Packages
        100 /var/lib/dpkg/status
$ apt-cache policy php5
php5:
  Installed: 5.2.6.dfsg.1-3ubuntu4.1
  Candidate: 5.2.6.dfsg.1-3ubuntu4.1
  Version table:
 *** 5.2.6.dfsg.1-3ubuntu4.1 0
        500 http://gb.archive.ubuntu.com jaunty-updates/main Packages
        500 http://security.ubuntu.com jaunty-security/main Packages
        100 /var/lib/dpkg/status
     5.2.6.dfsg.1-3ubuntu4 0
        500 http://gb.archive.ubuntu.com jaunty/main Packages
I have just built a virgin Ubuntu system, with:
$ apt-cache policy php5
php5:
  Installed: 5.2.4-2ubuntu5.6
  Candidate: 5.2.4-2ubuntu5.6
  Version table:
 *** 5.2.4-2ubuntu5.6 0
        500 http://gb.archive.ubuntu.com hardy-updates/main Packages
        500 http://security.ubuntu.com hardy-security/main Packages
        100 /var/lib/dpkg/status
     5.2.4-2ubuntu5 0
        500 http://gb.archive.ubuntu.com hardy/main Packages
$ apt-cache policy php5-auth-pam
php5-auth-pam:
  Installed: 0.4-10
  Candidate: 0.4-10
  Version table:
 *** 0.4-10 0
        500 http://gb.archive.ubuntu.com hardy/universe Packages
        100 /var/lib/dpkg/status
... which also shows the same problem. This system is using a completely
unmodified pam setup (i.e. pam_unix).
** Affects: php-auth-pam (Ubuntu)
Importance: Undecided
Status: New
--
pam_auth: ALERT - canary mismatch on efree() - heap overflow detected
https://bugs.launchpad.net/bugs/387963