sudo: Privilege escalation
Two vulnerabilities have been discovered in sudo, allowing local
attackers to possibly gain escalated privileges.
sudo
March 06, 2012
March 06, 2012: 1
351490
401533
local
1.8.3_p2
1.7.4_p5
1.8.3_p2
sudo allows a system administrator to give users the ability to run
commands as other users.
Two vulnerabilities have been discovered in sudo:
- When the sudoers file is configured with a Runas group, sudo does not
prompt for a password when changing to the new group (CVE-2011-0010).
- A format string vulnerability exists in the "sudo_debug()" function
(CVE-2012-0809).
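The following audit helper is an added example, not part of the advisory or of sudo. It lists the sudoers rules that carry a Runas group, which is the configuration CVE-2011-0010 depends on, so an administrator can see which rules were exposed before the upgrade. The parsing is a heuristic for the common `(user : group)` syntax; the sample file contents and the function names are constructed for illustration.

```python
import re

# Constructed sample sudoers content (not taken from the advisory).
SAMPLE = r"""# constructed sample
Defaults env_reset
Runas_Alias DBA = oracle
root    ALL = (ALL) ALL
alice   ALL = (root : operator) /usr/bin/id
bob     ALL = (: adm, \
               wheel) NOPASSWD: /bin/ls
carol   ALL = (#0) /bin/true   # uid form, no group
dave    ALL = NOPASSWD: /usr/bin/uptime
"""

RUNAS = re.compile(r"\(([^()]*)\)")        # a (runas_user : runas_group) spec
COMMENT = re.compile(r"(?<!\\)#(?!\d).*")  # '#<digits>' is a uid/gid, not a comment

def logical_lines(text):
    """Yield (first_line_no, rule) with continuations joined and comments removed."""
    buf, start = "", 0
    for n, raw in enumerate(text.splitlines(), 1):
        start = start if buf else n
        line = raw.rstrip()
        if line.endswith("\\"):            # backslash continues the rule
            buf += line[:-1] + " "
            continue
        rule, buf = (buf + line).strip(), ""
        if rule.startswith(("#include", "@include")):
            continue                       # include directives are not rules
        rule = COMMENT.sub("", rule).strip()
        if rule:
            yield start, rule

def runas_group_rules(text):
    """Return (line_no, groups, rule) for each user spec that names a Runas group."""
    findings = []
    for n, rule in logical_lines(text):
        if rule.startswith("Defaults") or rule.split()[0].endswith("_Alias") or "=" not in rule:
            continue
        for spec in RUNAS.findall(rule.split("=", 1)[1]):
            # Everything after ':' inside the parentheses is the Runas group list.
            groups = [g.strip() for g in spec.partition(":")[2].split(",") if g.strip()]
            if groups:
                findings.append((n, groups, rule))
    return findings

if __name__ == "__main__":
    for n, groups, rule in runas_group_rules(SAMPLE):
        print(f"line {n}: runas group(s) {', '.join(groups)}: {rule}")
```

Feed it the text of the main sudoers file and of each included file separately, since include directives are skipped rather than followed.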
A local attacker could possibly gain the ability to run arbitrary
commands with the privileges of other users or groups, including root.
There is no known workaround at this time.
All sudo users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-admin/sudo-1.8.3_p2"
CVE-2011-0010
CVE-2012-0809
underling
ackle