Ubuntu Security Notice USN-964-2 July 29, 2010
likewise-open regression
https://launchpad.net/bugs/610300
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 10.04 LTS
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 10.04 LTS:
likewise-open 5.4.0.42111-2ubuntu1.2
In general, a standard system update will make all the necessary changes.
Details follow:
USN-964-1 fixed vulnerabilities in Likewise Open. The upstream fixes
were incomplete, which caused problems running certain services. This
update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Matt Weatherford discovered that Likewise Open did not correctly check
password expiration for the local-provider account. A local attacker could
exploit this to log into a system they would otherwise not have access to.