Solutions de vulnérabilité

L'analyse périodique de vulnérabilité Nimsoft Cloud Monitor vérifie la vulnérabilité ci-dessous. Pour connaître les solutions de vulnérabilité les plus récemment ajoutées analysées par WatchMouse, rendez-vous sur la vue d'ensemble Solutions de vulnérabilité

Catégorie: Gentoo Local Security Checks Facteur de risque: Medium Ajouté: 5 mars 2010
Synopsis:

The remote host is missing the GLSA-201003-01 security update.

Description:

The remote host is affected by the vulnerability described in GLSA-201003-01
(sudo: Privilege escalation)


Multiple vulnerabilities have been discovered in sudo: Glenn Waller and neonsignal reported that sudo does not properly handle access control of the "sudoedit" pseudo-command
(CVE-2010-0426). Harald Koenig reported that sudo does not properly set supplementary groups when using the "runas_default" option
(CVE-2010-0427).

Impact

A local attacker with privileges to use "sudoedit" or the privilege to execute commands with the "runas_default" setting enabled could leverage these vulnerabilities to execute arbitrary code with elevated privileges.

Workaround

CVE-2010-0426: Revoke all "sudoedit" privileges, or use the full path to sudoedit. CVE-2010-0427: Remove all occurrences of the
"runas_default" setting.

See also:

http://www.gentoo.org/security/en/glsa/glsa-201003-01.xml

Solution:

All sudo users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-admin/sudo-1.7.2_p4"

Risk factor:

Medium / CVSS Base Score : 4.4
(CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P)