BugTraq
sudoedit local privilege escalation through PATH manipulation Apr 19 2010 11:04AM
Agazzini Maurizio (maurizio agazzini mediaservice net) (1 replies)
Re: sudoedit local privilege escalation through PATH manipulation Apr 20 2010 06:42AM
Ansgar Wiechers (bugtraq planetcobalt net) (1 replies)
Re: sudoedit local privilege escalation through PATH manipulation Apr 22 2010 08:04AM
Agazzini Maurizio (inode mediaservice net)
On 20/04/2010 8.42, Ansgar Wiechers wrote:
> Perhaps I'm missing something, but how is this a security flaw? A user
> who is allowed to run "sudoedit" can edit /etc/sudoers, and thus allow
> himself to run any command anyway.
>
> Regards
> Ansgar Wiechers

In the configuration file (sudoers) you can specify the file that the
user is allowed to edit (http://www.gratisoft.us/sudo/man/sudoers.html).
The bug allow you to bypass these controls and gain root privileges.

Best regards,

Maurizio

--
Maurizio Agazzini CISSP, OPST
Senior Security Advisor
Team Manager
@ Mediaservice.net Srl Tel: +39-011-32.72.100
Via San Bernardino, 17 Fax: +39-011-32.46.497
10141 Torino - ITALY http://mediaservice.net/

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus