Public bug reported:

64 bit Ubuntu 10.04.3 LTS
login version 1:4.1.4.2-1ubuntu2.2

Steps to reproduce:

1. Invoke su. (What options and username are given, if any, doesn't seem to 
matter).
2. When prompted for a password, hit Ctrl-D without typing any other characters 
first.

Expected results:

su should handle Ctrl-D however it was designed to handle it without
segfaulting.

I had accidentally invoked su and subconsciously expected su to treat
Ctrl-D as end of input and terminate (as cat or a shell would).

Actual results:

su terminates with a segfault.

-----------------------------------------------------------------

I am not sure whether to check the "This bug is a security vulnerability"
box. I will leave it unchecked as I'm uncertain what the criteria are
for classifying a bug as a security vulnerability and as I have not
observed this bug to allow a privileged login without a password, but it
seems that a segfault in a program that deals with passwords, especially
while handling passwords, is at least a potential vulnerability.

ProblemType: Bug
DistroRelease: Ubuntu 10.04
Package: login 1:4.1.4.2-1ubuntu2.2
ProcVersionSignature: Ubuntu 2.6.32-25.44-generic 2.6.32.21+drm33.7
Uname: Linux 2.6.32.41+drm33.18-jwb x86_64
NonfreeKernelModules: nvidia
Architecture: amd64
Date: Fri Jan  6 23:49:12 2012
ProcEnviron:
 LANGUAGE=en_US:en
 PATH=(custom, user)
 LANG=en_US.UTF-8
 SHELL=/bin/zsh
SourcePackage: shadow

** Affects: shadow (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: amd64 apport-bug lucid

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/913029

Title:
  su segfaults when Ctrl-D is entered as the first character in
  response to the password prompt

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/913029/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
