Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for likewise_cifs by likewise

    CVE-2010-0833 (GCVE-0-2010-0833)

    Vulnerability from nvd – Published: 2010-07-27 22:00 – Updated: 2024-08-07 00:59
    VLAI
    Summary
    The pam_lsass library in Likewise Open 5.4 and CIFS 5.4 before build 8046, and 6.0 before build 8234, as used in HP StorageWorks X9000 Network Storage Systems and possibly other products, uses "SetPassword logic" when running as part of a root service, which allows remote attackers to bypass authentication for a Likewise Security Authority (lsassd) account whose password is marked as expired.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.ubuntu.com/usn/USN-964-1 vendor-advisoryx_refsource_UBUNTU
    http://www.securityfocus.com/archive/1/512643/100… mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/40725 third-party-advisoryx_refsource_SECUNIA
    http://marc.info/?l=bugtraq&m=129719002806096&w=2 vendor-advisoryx_refsource_HP
    http://secunia.com/advisories/40736 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/43244 third-party-advisoryx_refsource_SECUNIA
    http://www.securitytracker.com/id?1025031 vdb-entryx_refsource_SECTRACK
    http://www.likewise.com/community/index.php/forum… x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2010/1913 vdb-entryx_refsource_VUPEN
    http://www.vupen.com/english/advisories/2011/0312 vdb-entryx_refsource_VUPEN
    Date Public
    2010-07-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T00:59:39.384Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "USN-964-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-964-1"
              },
              {
                "name": "20100726 [LWSA-2010-001] Likewise Open 5.4 \u0026 6.0",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/512643/100/0/threaded"
              },
              {
                "name": "40725",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/40725"
              },
              {
                "name": "SSRT1000385",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=129719002806096\u0026w=2"
              },
              {
                "name": "40736",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/40736"
              },
              {
                "name": "43244",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/43244"
              },
              {
                "name": "1025031",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1025031"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.likewise.com/community/index.php/forums/viewthread/772/"
              },
              {
                "name": "ADV-2010-1913",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/1913"
              },
              {
                "name": "HPSBST02630",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=129719002806096\u0026w=2"
              },
              {
                "name": "ADV-2011-0312",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0312"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-07-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The pam_lsass library in Likewise Open 5.4 and CIFS 5.4 before build 8046, and 6.0 before build 8234, as used in HP StorageWorks X9000 Network Storage Systems and possibly other products, uses \"SetPassword logic\" when running as part of a root service, which allows remote attackers to bypass authentication for a Likewise Security Authority (lsassd) account whose password is marked as expired."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
            "shortName": "canonical"
          },
          "references": [
            {
              "name": "USN-964-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-964-1"
            },
            {
              "name": "20100726 [LWSA-2010-001] Likewise Open 5.4 \u0026 6.0",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/512643/100/0/threaded"
            },
            {
              "name": "40725",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/40725"
            },
            {
              "name": "SSRT1000385",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=129719002806096\u0026w=2"
            },
            {
              "name": "40736",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/40736"
            },
            {
              "name": "43244",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/43244"
            },
            {
              "name": "1025031",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1025031"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.likewise.com/community/index.php/forums/viewthread/772/"
            },
            {
              "name": "ADV-2010-1913",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/1913"
            },
            {
              "name": "HPSBST02630",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=129719002806096\u0026w=2"
            },
            {
              "name": "ADV-2011-0312",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0312"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@ubuntu.com",
              "ID": "CVE-2010-0833",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The pam_lsass library in Likewise Open 5.4 and CIFS 5.4 before build 8046, and 6.0 before build 8234, as used in HP StorageWorks X9000 Network Storage Systems and possibly other products, uses \"SetPassword logic\" when running as part of a root service, which allows remote attackers to bypass authentication for a Likewise Security Authority (lsassd) account whose password is marked as expired."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "USN-964-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-964-1"
                },
                {
                  "name": "20100726 [LWSA-2010-001] Likewise Open 5.4 \u0026 6.0",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/512643/100/0/threaded"
                },
                {
                  "name": "40725",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/40725"
                },
                {
                  "name": "SSRT1000385",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=129719002806096\u0026w=2"
                },
                {
                  "name": "40736",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/40736"
                },
                {
                  "name": "43244",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/43244"
                },
                {
                  "name": "1025031",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1025031"
                },
                {
                  "name": "http://www.likewise.com/community/index.php/forums/viewthread/772/",
                  "refsource": "CONFIRM",
                  "url": "http://www.likewise.com/community/index.php/forums/viewthread/772/"
                },
                {
                  "name": "ADV-2010-1913",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/1913"
                },
                {
                  "name": "HPSBST02630",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=129719002806096\u0026w=2"
                },
                {
                  "name": "ADV-2011-0312",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2011/0312"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "assignerShortName": "canonical",
        "cveId": "CVE-2010-0833",
        "datePublished": "2010-07-27T22:00:00.000Z",
        "dateReserved": "2010-03-03T00:00:00.000Z",
        "dateUpdated": "2024-08-07T00:59:39.384Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-0833 (GCVE-0-2010-0833)

    Vulnerability from cvelistv5 – Published: 2010-07-27 22:00 – Updated: 2024-08-07 00:59
    VLAI
    Summary
    The pam_lsass library in Likewise Open 5.4 and CIFS 5.4 before build 8046, and 6.0 before build 8234, as used in HP StorageWorks X9000 Network Storage Systems and possibly other products, uses "SetPassword logic" when running as part of a root service, which allows remote attackers to bypass authentication for a Likewise Security Authority (lsassd) account whose password is marked as expired.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.ubuntu.com/usn/USN-964-1 vendor-advisoryx_refsource_UBUNTU
    http://www.securityfocus.com/archive/1/512643/100… mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/40725 third-party-advisoryx_refsource_SECUNIA
    http://marc.info/?l=bugtraq&m=129719002806096&w=2 vendor-advisoryx_refsource_HP
    http://secunia.com/advisories/40736 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/43244 third-party-advisoryx_refsource_SECUNIA
    http://www.securitytracker.com/id?1025031 vdb-entryx_refsource_SECTRACK
    http://www.likewise.com/community/index.php/forum… x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2010/1913 vdb-entryx_refsource_VUPEN
    http://www.vupen.com/english/advisories/2011/0312 vdb-entryx_refsource_VUPEN
    Date Public
    2010-07-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T00:59:39.384Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "USN-964-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-964-1"
              },
              {
                "name": "20100726 [LWSA-2010-001] Likewise Open 5.4 \u0026 6.0",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/512643/100/0/threaded"
              },
              {
                "name": "40725",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/40725"
              },
              {
                "name": "SSRT1000385",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=129719002806096\u0026w=2"
              },
              {
                "name": "40736",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/40736"
              },
              {
                "name": "43244",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/43244"
              },
              {
                "name": "1025031",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1025031"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.likewise.com/community/index.php/forums/viewthread/772/"
              },
              {
                "name": "ADV-2010-1913",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/1913"
              },
              {
                "name": "HPSBST02630",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=129719002806096\u0026w=2"
              },
              {
                "name": "ADV-2011-0312",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0312"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-07-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The pam_lsass library in Likewise Open 5.4 and CIFS 5.4 before build 8046, and 6.0 before build 8234, as used in HP StorageWorks X9000 Network Storage Systems and possibly other products, uses \"SetPassword logic\" when running as part of a root service, which allows remote attackers to bypass authentication for a Likewise Security Authority (lsassd) account whose password is marked as expired."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
            "shortName": "canonical"
          },
          "references": [
            {
              "name": "USN-964-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-964-1"
            },
            {
              "name": "20100726 [LWSA-2010-001] Likewise Open 5.4 \u0026 6.0",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/512643/100/0/threaded"
            },
            {
              "name": "40725",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/40725"
            },
            {
              "name": "SSRT1000385",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=129719002806096\u0026w=2"
            },
            {
              "name": "40736",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/40736"
            },
            {
              "name": "43244",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/43244"
            },
            {
              "name": "1025031",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1025031"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.likewise.com/community/index.php/forums/viewthread/772/"
            },
            {
              "name": "ADV-2010-1913",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/1913"
            },
            {
              "name": "HPSBST02630",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=129719002806096\u0026w=2"
            },
            {
              "name": "ADV-2011-0312",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0312"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@ubuntu.com",
              "ID": "CVE-2010-0833",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The pam_lsass library in Likewise Open 5.4 and CIFS 5.4 before build 8046, and 6.0 before build 8234, as used in HP StorageWorks X9000 Network Storage Systems and possibly other products, uses \"SetPassword logic\" when running as part of a root service, which allows remote attackers to bypass authentication for a Likewise Security Authority (lsassd) account whose password is marked as expired."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "USN-964-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-964-1"
                },
                {
                  "name": "20100726 [LWSA-2010-001] Likewise Open 5.4 \u0026 6.0",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/512643/100/0/threaded"
                },
                {
                  "name": "40725",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/40725"
                },
                {
                  "name": "SSRT1000385",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=129719002806096\u0026w=2"
                },
                {
                  "name": "40736",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/40736"
                },
                {
                  "name": "43244",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/43244"
                },
                {
                  "name": "1025031",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1025031"
                },
                {
                  "name": "http://www.likewise.com/community/index.php/forums/viewthread/772/",
                  "refsource": "CONFIRM",
                  "url": "http://www.likewise.com/community/index.php/forums/viewthread/772/"
                },
                {
                  "name": "ADV-2010-1913",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/1913"
                },
                {
                  "name": "HPSBST02630",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=129719002806096\u0026w=2"
                },
                {
                  "name": "ADV-2011-0312",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2011/0312"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "assignerShortName": "canonical",
        "cveId": "CVE-2010-0833",
        "datePublished": "2010-07-27T22:00:00.000Z",
        "dateReserved": "2010-03-03T00:00:00.000Z",
        "dateUpdated": "2024-08-07T00:59:39.384Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }