banner

[Rule] Rules  [Home] Main Forum  [Portal] Portal  
[Members] Member Listing  [Statistics] Statistics  [Search] Search  [Reading Room] Reading Room 
[Register] Register  
[Login] Loginhttp  | https  ]
 
Forum Index Thông tin new bugs và exploits Sudo local vulnerability  XML
  [Announcement]   Sudo local vulnerability 01/03/2010 07:21:12 (+0700) | #1 | 205804
[Avatar]
ORA2009
Member

[Minus]    0    [Plus]
Joined: 31/08/2009 11:04:02
Messages: 109
Offline
[Profile] [PM]
Abstract

A fix has been published for sudo tool which is included in many Unix-like systems
The worst attack scenario could lead to local privilege escalation. Exploitation could be done without any tool in a defined sudo configuration.

A fix is available.
No exploit is required.

Action

A fix is available. It is advised to test before deployment.

Other workarounds:
* check sudo configuration and ensure the vulnerable setup is not used

Note

The flaw comes from an incorrect handling of group membership when executing a local command. The vulnerable configuration uses 'runas_default' parameter which allows to execute a command as another user (distinct from root). It allows to execute code as root bypassing the defined configuration.
Exploitation implies to be authenticated.
Default configuration of sudo does not seem to contain this parameter (checked on Debian Linux and OpenBSD)
Only Redhat has published an official bulletin on this subject.

Affected components
Sudo < 1.6.9p20
(include Red Hat Enterprise Linux 5)

Credits
+ RHSA-2010:0122-1: Important: sudo security update
http://rhn.redhat.com/errata/RHSA-2010-0122.html
(2 vulnerabilities)

+ Sudo Security Alerts
http://www.sudo.ws/sudo/security.html

[Up] [Print Copy]
[digg] [delicious] [google] [yahoo] [technorati] [reddit] [stumbleupon]
Go to: 
 Users currently in here 
1 Anonymous

Powered by JForum - Extended by HVAOnline
 hvaonline.net  |  hvaforum.net  |  hvazone.net  |  hvanews.net  |  vnhacker.org
1999 - 2013 © v2012|0504|218|