Sudo VISudo Symlink Arbitrary File Corruption

2005-04-14T22:28:54
ID OSVDB:16611
Type osvdb
Reporter Imran Ghory(imranghory@gmail.com)
Modified 2005-04-14T22:28:54

Description

Vulnerability Description

Sudo contains a flaw that may allow a malicious local user to manipulate arbitrary files on the system. The issue is due to the VIsudo creating temporary files insecurely if it is invoked on a sudoers file that is contained in a world writable directory. It is possible for a user to use a symlink style attack to corrupt arbitrary files, resulting in a loss of integrity.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

Sudo contains a flaw that may allow a malicious local user to manipulate arbitrary files on the system. The issue is due to the VIsudo creating temporary files insecurely if it is invoked on a sudoers file that is contained in a world writable directory. It is possible for a user to use a symlink style attack to corrupt arbitrary files, resulting in a loss of integrity.

References:

Vendor URL: http://www.courtesan.com/sudo/sudo.html CVE-2005-1119 Bugtraq ID: 13171