206 – IMPORTANT update Sudo package

Bug 206 - IMPORTANT update Sudo package

Summary: IMPORTANT update Sudo package

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	[OLD] Core system (show other bugs)
Hardware:	x86 Linux

Importance:	High normal (vote)
Assignee:	Mikael Hallendal (hallski) (RETIRED)

URL:
Whiteboard:
Keywords:	SECURITY

Depends on:
Blocks:

Reported:	2002-01-17 04:31 UTC by Ferry Meyndert
Modified:	2007-09-13 20:44 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Ferry Meyndert 2002-01-17 04:31:33 UTC

Local root exploit for sudo + postfix. Exploits sudo prior to sudo-1.6.4.1.

OVERVIEW
- --------
  There is a vulnerability in sudo which can allow an attacker to trick
  sudo into running the system MTA with root privileges and an unclean
  environment, possibly leading to a root compromise.


DETAIL
- ------
  Sebastian Krahmer of the SuSE Security Team found a bug in sudo which
  can allow an attacker to send a failed-invocation email with root
  privileges and an unclean environment.  Using the Postfix MTA an
  attacker can potentially gain a root shell.  No other MTA is known to be
  exploitable at this time.

  We would like to reiterate that the bug is in sudo, not Postfix which is
  simply being used as a vehicle in this instance.

  This bug is fixed by having sudo run the MTA with user privileges
  instead of with root privileges.

SOLUTION
---------
Update all sudo ebuilds to the new sudo version 6.5
ftp://ftp.cs.colorado.edu/pub/sudo/sudo-1.6.5.tar.gz

Comment 1 Mikael Hallendal (hallski) (RETIRED) gentoo-dev

2002-01-17 04:45:06 UTC

commited 1.6.5 and removed all older versions.

Comment 2 Jakub Moc (RETIRED) gentoo-dev

2007-09-13 20:44:51 UTC

*** Bug 192461 has been marked as a duplicate of this bug. ***