Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 189615 - app-admin/sudo < 1.6.9 Kerberos 5 Security Bypass Vulnerability (CVE-2007-3149)
Summary: app-admin/sudo < 1.6.9 Kerberos 5 Security Bypass Vulnerability (CVE-2007-3149)
Status: RESOLVED INVALID
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High major (vote)
Assignee: Gentoo Security
URL: http://secunia.com/advisories/26540/
Whiteboard: B1? []
Keywords:
Depends on: 186836
Blocks:
  Show dependency tree
 
Reported: 2007-08-20 16:45 UTC by Matt Fleming (RETIRED)
Modified: 2007-09-08 22:13 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Matt Fleming (RETIRED) gentoo-dev 2007-08-20 16:45:34 UTC 
A vulnerability has been reported in Sudo, which can be exploited by malicious, local users to bypass certain security restrictions.

The vulnerability is caused due to improper error handling within the Kerberos 5 authentication mechanism. This can be exploited to execute commands allowed by the Sudo configuration without proper authentication.

NOTE: Successful exploitation requires that Sudo is linked directly with the Kerberos 5 libraries, and that the affected machine is a Kerberos 5 client.

The vulnerability is reported in versions prior to 1.6.9.
Comment 1 Matt Fleming (RETIRED) gentoo-dev 2007-08-20 16:47:49 UTC 
CC'ing maintainer and setting whiteboard status.
Comment 2 Matt Fleming (RETIRED) gentoo-dev 2007-08-20 16:49:42 UTC 
Whoops, forgot CVE number. Thanks rbu.
Comment 3 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-08-20 19:05:53 UTC 
As long as it is only linked against PAM it's not affected.
Comment 4 Christian Faulhammer (RETIRED) gentoo-dev 2007-09-08 21:48:48 UTC 
taviso is away...bump it?
Comment 5 Pierre-Yves Rofes (RETIRED) gentoo-dev 2007-09-08 22:13:57 UTC 
(In reply to comment #4)
> taviso is away...bump it?
> 
Err, like jaervosz pointed out, we're not affected actually. 

ldd /usr/bin/sudo                                                        
        libpam.so.0 => /lib/libpam.so.0 (0xf7fb8000)
        libdl.so.2 => /lib/libdl.so.2 (0xf7fa0000)
        libc.so.6 => /lib/libc.so.6 (0xf7e3c000)
        /lib/ld-linux.so.2 (0xf7fd8000)

And from the ebuild:
# TODO: Fix support for krb4 and krb5

So closing this one as invalid.