VULNERABILITY IN SUDO


The 'sudo' command in Unix and Linux allows users to execute certain commands with elevated privileges that their own, lower level of authorization would not otherwise permit. As expected, it is one of the most important commands in the whole Linux / Unix ecosystem, and one that can substantially compromise the security of a device if exploited.

One such vulnerability was discovered by Joe Vennix of Apple Information Security. It is tracked as CVE-2019-14287 in the Common Vulnerabilities and Exposures database. As said before, 'sudo' allows you to run commands that regular users of the machine otherwise could not run. CVE-2019-14287 can get around this restriction simply by changing the user ID passed to the 'sudo' command to -1 or 4,294,967,295. This means that, by falsifying their identity, any user can execute restricted commands on the machine.

The good news, however, is that it only affected sudoers entries with the keyword ALL in the Runas specifier. For example, entries such as bob myhost = (ALL, !root) /usr/bin/vi were affected, while others such as myhost alice = /usr/bin/id were not.

In addition, the error has been corrected in version 1.8.28 of sudo, in which the above function has been updated. Therefore, users should check for available updates on affected computers.
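
To check a machine against the two conditions above (ALL in the Runas specifier, and a sudo release older than 1.8.28), here is a small audit helper. It is an added example, not code from the sudo project or from this blog; the function names and the sample sudoers text are assumptions made for illustration, with the first two sample rules taken from the post.

```python
import re

FIXED = (1, 8, 28)  # first fixed sudo release, as stated in the post

RUNAS_RE = re.compile(r"\(([^)]*)\)")  # Runas list, e.g. "(ALL, !root)"

# Constructed sample; the first two rules are the examples quoted in the post.
SAMPLE_SUDOERS = """\
# constructed sample sudoers content
bob myhost = (ALL, !root) /usr/bin/vi
myhost alice = /usr/bin/id
carol myhost = (www-data) /usr/bin/systemctl restart nginx
dave myhost = (ALL : ALL) ALL
"""

def parse_version(text):
    """Return (major, minor, patch) from e.g. 'Sudo version 1.8.27' or '1.8.21p2'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if m is None:
        raise ValueError(f"no sudo version found in {text!r}")
    return tuple(int(part) for part in m.groups())

def is_unpatched(version_text):
    """True when the version predates the 1.8.28 fix."""
    return parse_version(version_text) < FIXED

def affected_rules(sudoers_text):
    """List (line_no, rule, excluded_users) for rules with ALL in the Runas user list.

    Simplification: Runas_Alias expansion and backslash line continuations
    are not handled, so review aliases by hand.
    """
    hits = []
    for line_no, raw in enumerate(sudoers_text.splitlines(), 1):
        rule = raw.strip()
        if not rule or rule.startswith("#"):
            continue
        for spec in RUNAS_RE.findall(rule):
            users = [u.strip() for u in spec.split(":", 1)[0].split(",")]
            if "ALL" in users:
                excluded = [u[1:].strip() for u in users if u.startswith("!")]
                hits.append((line_no, rule, excluded))
                break
    return hits

if __name__ == "__main__":
    for line_no, rule, excluded in affected_rules(SAMPLE_SUDOERS):
        note = f"excludes {excluded}" if excluded else "no exclusions"
        print(f"line {line_no}: {rule}  [{note}]")
```

Rules that report an exclusion such as root are the ones whose restriction depends on the fix. Distribution packages may carry the fix under an older upstream version number, so confirm the result against the vendor's advisory.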

News update: Our community's development team has made available a patch that addresses this vulnerability in DeepinOS while we wait for the official patch.

Source: https://www.sudo.ws/alerts/minus_1_uid.html

 

 
