Prilikom korištenja sudo naredbe uočen je novi sigurnosni nedostatak. Lokalni ga napadač može iskoristiti za dobivanje većih ovlasti te zaobilaženje ograničenja u sustavu.
Paket:
Sudo 1.7.x
Operacijski sustavi:
Mandriva Linux 2010.1, Mandriva Linux 2011, Mandriva Linux Enterprise Server 5.0
Kritičnost:
7.2
Problem:
nepravilno rukovanje ovlastima, pogreška u programskoj komponenti
Iskorištavanje:
lokalno
Posljedica:
dobivanje većih privilegija, zaobilaženje postavljenih ograničenja
Rješenje:
programska zakrpa proizvođača
CVE:
CVE-2012-2337
Izvorni ID preporuke:
MDVSA-2012:079
Izvor:
Mandriva
Problem:
Sigurnosni propust se javlja zbog neodgovarajuće podrške spomenutog paketa za konfiguracije koje koriste "netmask" sintaksu.
Posljedica:
Lokalni napadač spomenutu ranjivost može iskoristiti za dobivanje većih privilegija i zaobilaženje postavljenih ograničenja.
Rješenje:
Rješenje problema sigurnosti je korištenje najnovije inačice paketa.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2012:079
http://www.mandriva.com/security/
_______________________________________________________________________
Package : sudo
Date : May 21, 2012
Affected: 2010.1, 2011., Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
A vulnerability has been found and corrected in sudo:
A flaw exists in the IP network matching code in sudo versions 1.6.9p3
through 1.8.4p4 that may result in the local host being matched
even though it is not actually part of the network described by the
IP address and associated netmask listed in the sudoers file or in
LDAP. As a result, users authorized to run commands on certain IP
networks may be able to run commands on hosts that belong to other
networks not explicitly listed in sudoers (CVE-2012-2337
The updated packages have been patched to correct this issue.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2337
http://www.sudo.ws/sudo/alerts/netmask.html
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2010.1:
10f9635c97df775aa2e84eea10cc2520
2010.1/i586/sudo-1.7.4p6-0.2mdv2010.2.i586.rpm
172ec1e9eb59daf6c619083544395615
2010.1/SRPMS/sudo-1.7.4p6-0.2mdv2010.2.src.rpm
Mandriva Linux 2010.1/X86_64:
7c223e5185387d690b1fd5c9aedbb072
2010.1/x86_64/sudo-1.7.4p6-0.2mdv2010.2.x86_64.rpm
172ec1e9eb59daf6c619083544395615
2010.1/SRPMS/sudo-1.7.4p6-0.2mdv2010.2.src.rpm
Mandriva Linux 2011:
4eaa11586daaf481506b9383462e11b1 2011/i586/sudo-1.7.6p2-1.1-mdv2011.0.i586.rpm
54e9566af0fc7a350b91a14351e83a9c 2011/SRPMS/sudo-1.7.6p2-1.1.src.rpm
Mandriva Linux 2011/X86_64:
c1a370556138f31669c713c7544ee042
2011/x86_64/sudo-1.7.6p2-1.1-mdv2011.0.x86_64.rpm
54e9566af0fc7a350b91a14351e83a9c 2011/SRPMS/sudo-1.7.6p2-1.1.src.rpm
Mandriva Enterprise Server 5:
b713c66d70635d93ccf68864c8849fe8 mes5/i586/sudo-1.7.4p6-0.2mdvmes5.2.i586.rpm
1de7c7de8f1764ecad9d727bae373fa7 mes5/SRPMS/sudo-1.7.4p6-0.2mdvmes5.2.src.rpm
Mandriva Enterprise Server 5/X86_64:
6cabbb3df9d3ab16adb1f29b42ec24c5
mes5/x86_64/sudo-1.7.4p6-0.2mdvmes5.2.x86_64.rpm
1de7c7de8f1764ecad9d727bae373fa7 mes5/SRPMS/sudo-1.7.4p6-0.2mdvmes5.2.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD4DBQFPujn1mqjQ0CJFipgRAk+EAJ4jVLd17ksb/Ueg34F6Lfhd99OJpQCXTU5D
Bt4a74E/fTXDzhyIPE8rjw==
=wXih
-----END PGP SIGNATURE-----
Posljednje sigurnosne preporuke