CVE-2010-0015
Publication date 14 January 2010
Last updated 24 July 2024
Ubuntu priority
nis/nss_nis/nis-pwd.c in the GNU C Library (aka glibc or libc6) 2.7 and Embedded GLIBC (EGLIBC) 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote attackers to obtain the encrypted passwords of NIS accounts by calling the getpwnam function.
Status
Package | Ubuntu Release | Status |
---|---|---|
eglibc | 11.10 oneiric |
Not affected
|
11.04 natty |
Not affected
|
|
10.10 maverick |
Not affected
|
|
10.04 LTS lucid |
Not affected
|
|
9.10 karmic | Ignored end of life | |
9.04 jaunty | Not in release | |
8.10 intrepid | Not in release | |
8.04 LTS hardy | Not in release | |
6.06 LTS dapper | Not in release | |
glibc | 11.10 oneiric | Not in release |
11.04 natty | Not in release | |
10.10 maverick | Not in release | |
10.04 LTS lucid | Not in release | |
9.10 karmic | Not in release | |
9.04 jaunty | Ignored end of life | |
8.10 intrepid | Ignored end of life, was needed | |
8.04 LTS hardy |
Fixed 2.7-10ubuntu8.1
|
|
6.06 LTS dapper | Ignored end of life |
Notes
Patch details
Package | Patch details |
---|---|
eglibc |
References
Related Ubuntu Security Notices (USN)
- USN-1396-1
- GNU C Library vulnerabilities
- 9 March 2012