Soluzioni per la vulnerabilità

La Scansione Vulnerabilità periodica di Nimsoft Cloud Monitor verifica le vulnerabilità riportate qui sotto. Per visualizzare le soluzioni per la vulnerabilità più recenti scansionate da WatchMouse, visitare la pagina sulla panoramica delle Soluzioni per la vulnerabilità

Categoria: Gentoo Local Security Checks Fattore di rischio: Medium Aggiunto il: 5 mar 2010
Synopsis:

The remote host is missing the GLSA-201003-01 security update.

Description:

The remote host is affected by the vulnerability described in GLSA-201003-01
(sudo: Privilege escalation)


Multiple vulnerabilities have been discovered in sudo: Glenn Waller and neonsignal reported that sudo does not properly handle access control of the "sudoedit" pseudo-command
(CVE-2010-0426). Harald Koenig reported that sudo does not properly set supplementary groups when using the "runas_default" option
(CVE-2010-0427).

Impact

A local attacker with privileges to use "sudoedit" or the privilege to execute commands with the "runas_default" setting enabled could leverage these vulnerabilities to execute arbitrary code with elevated privileges.

Workaround

CVE-2010-0426: Revoke all "sudoedit" privileges, or use the full path to sudoedit. CVE-2010-0427: Remove all occurrences of the
"runas_default" setting.

See also:

http://www.gentoo.org/security/en/glsa/glsa-201003-01.xml

Solution:

All sudo users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-admin/sudo-1.7.2_p4"

Risk factor:

Medium / CVSS Base Score : 4.4
(CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P)