certfr_avis - certa-2001-avi-028

CERTA-2001-AVI-028

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité de l'utilitaire sudo permet à un utilisateur mal intentionné d'obtenir les privilèges root.

Description

sudo est un outil permettant à un utilisateur authentifié d'exécuter des commandes normalement permises qu'à l'utilisateur root.

Un dépassement de mémoire de sudo permet à un utilisateur mal intentionné d'exécuter n'importe quelle commande avec les permissions de root.

Contournement provisoire

Désactiver sudo jusqu'à ce que le correctif ait été appliqué.

Solution

Appliquer le correctif de Debian :

Pour Alpha:

http://security.debian.org/debian-security/dists/stable/updates/main/binary-alpha/sudo_1.6.2p2-1potato1_alpha.deb

ARM :

http://security.debian.org/debian-security/dists/stable/updates/main/binary-arm/sudo_1.6.2p2-1potato1_arm.deb

Intel ia32 :

http://security.debian.org/debian-security/dists/stable/updates/main/binary-i386/sudo_1.6.2p2-1potato1_i386.deb

Motorola 680x0 :

http://security.debian.org/debian-security/dists/stable/updates/main/binary-m68k/sudo_1.6.2p2-1potato1_m68k.deb

Sun Sparc :

http://security.debian.org/debian-security/dists/stable/updates/main/binary-sparc/sudo_1.6.2p2-1potato1_sparc.deb

PowerPC :

http://security.debian.org/debian-security/dists/stable/updates/mainbinary-powerpc/sudo_1.6.2p2-1potato1_powerpc.deb

Source :

http://security.debian.org/debian-security/dists/stable/updates/main/source/sudo_1.6.2p2-1potato1.diff.gz

http://security.debian.org/debian-security/dists/stable/updates/main/source/sudo_1.6.2p2-1potato1.dsc

http://security.debian.org/debian-security/dists/stable/updates/main/source/sudo_1.6.2p2.orig.tar.gz

Linux Debian.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Avis de sécurité Debian	None	vendor-advisory
L'avis de sécurité de Debian :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eLinux Debian.\u003c/P\u003e",
  "content": "## Description\n\nsudo est un outil permettant \u00e0 un utilisateur authentifi\u00e9 d\u0027ex\u00e9cuter des\ncommandes normalement permises qu\u0027\u00e0 l\u0027utilisateur root.\n\nUn d\u00e9passement de m\u00e9moire de sudo permet \u00e0 un utilisateur mal\nintentionn\u00e9 d\u0027ex\u00e9cuter n\u0027importe quelle commande avec les permissions de\nroot.\n\n## Contournement provisoire\n\nD\u00e9sactiver sudo jusqu\u0027\u00e0 ce que le correctif ait \u00e9t\u00e9 appliqu\u00e9.\n\n## Solution\n\nAppliquer le correctif de Debian :\n\n-   Pour Alpha:\n\n        http://security.debian.org/debian-security/dists/stable/updates/main/binary-alpha/sudo_1.6.2p2-1potato1_alpha.deb\n\n-   ARM :\n\n        http://security.debian.org/debian-security/dists/stable/updates/main/binary-arm/sudo_1.6.2p2-1potato1_arm.deb\n\n-   Intel ia32 :\n\n        http://security.debian.org/debian-security/dists/stable/updates/main/binary-i386/sudo_1.6.2p2-1potato1_i386.deb\n\n-   Motorola 680x0 :\n\n        http://security.debian.org/debian-security/dists/stable/updates/main/binary-m68k/sudo_1.6.2p2-1potato1_m68k.deb\n\n-   Sun Sparc :\n\n        http://security.debian.org/debian-security/dists/stable/updates/main/binary-sparc/sudo_1.6.2p2-1potato1_sparc.deb\n\n-   PowerPC :\n\n        http://security.debian.org/debian-security/dists/stable/updates/mainbinary-powerpc/sudo_1.6.2p2-1potato1_powerpc.deb\n\n-   Source :\n\n        http://security.debian.org/debian-security/dists/stable/updates/main/source/sudo_1.6.2p2-1potato1.diff.gz\n\n        http://security.debian.org/debian-security/dists/stable/updates/main/source/sudo_1.6.2p2-1potato1.dsc\n\n        http://security.debian.org/debian-security/dists/stable/updates/main/source/sudo_1.6.2p2.orig.tar.gz\n",
  "cves": [],
  "links": [
    {
      "title": "L\u0027avis de s\u00e9curit\u00e9 de Debian  :",
      "url": "http://lists.debian.org/debian-security-announce-01/msg00025.html"
    }
  ],
  "reference": "CERTA-2001-AVI-028",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2001-03-08T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Acc\u00e8s root localement"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 de l\u0027utilitaire sudo permet \u00e0 un utilisateur mal\nintentionn\u00e9 d\u0027obtenir les privil\u00e8ges root.\n",
  "title": "vuln\u00e9rabilit\u00e9 de sudo sous Linux Debian",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Avis de s\u00e9curit\u00e9 Debian",
      "url": null
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted