[Rule] Rules  [Home] Main Forum  [Portal] Portal  
[Members] Member Listing  [Statistics] Statistics  [Search] Search  [Reading Room] Reading Room 
[Register] Register  
[Login] Loginhttp  | https  ]
Forum Index Thông tin new bugs và exploits Sudo local vulnerability  XML
  [Announcement]   Sudo local vulnerability 01/03/2010 07:21:12 (+0700) | #1 | 205804

[Minus]    0    [Plus]
Joined: 31/08/2009 11:04:02
Messages: 109
[Profile] [PM]

A fix has been published for sudo tool which is included in many Unix-like systems
The worst attack scenario could lead to local privilege escalation. Exploitation could be done without any tool in a defined sudo configuration.

A fix is available.
No exploit is required.


A fix is available. It is advised to test before deployment.

Other workarounds:
* check sudo configuration and ensure the vulnerable setup is not used


The flaw comes from an incorrect handling of group membership when executing a local command. The vulnerable configuration uses 'runas_default' parameter which allows to execute a command as another user (distinct from root). It allows to execute code as root bypassing the defined configuration.
Exploitation implies to be authenticated.
Default configuration of sudo does not seem to contain this parameter (checked on Debian Linux and OpenBSD)
Only Redhat has published an official bulletin on this subject.

Affected components
Sudo < 1.6.9p20
(include Red Hat Enterprise Linux 5)

+ RHSA-2010:0122-1: Important: sudo security update
(2 vulnerabilities)

+ Sudo Security Alerts

[Up] [Print Copy]
[digg] [delicious] [google] [yahoo] [technorati] [reddit] [stumbleupon]
Go to: 
 Users currently in here 
1 Anonymous

Powered by JForum - Extended by HVAOnline  |  |  |  |
1999 - 2013 © v2012|0504|218|