17 matches found
Sudo Multiple Security Bypass Vulnerabilities
Description: Sudo is prone to multiple security-bypass vulnerabilities. Attackers can exploit these issues to bypass security restrictions and perform unauthorized actions. Sudo versions through 1.8.29 are vulnerable. Technologies Affected: Todd Miller Sudo 1.3.5, Todd Miller Sudo 1.5, Todd Miller Su...
CVE-2017-1000368
Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution...
CVE-2017-1000367
Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution...
Design/Logic Flaw
Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution...
CVE-2017-1000367
Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution...
CVE-2017-1000367
CVE-2017-1000367 affects sudo versions up to and including 1.8.20, due to input validation issues in get_process_ttyname() that incorrectly parsed tty information from /proc, enabling information disclosure and local privilege escalation. The issue is tied to parsing tty data from the...
Todd Miller Sudo Local Security Bypass Vulnerability
Sudo is a program that allows users to securely execute commands with other user privileges and is widely used under Linux and Unix operating systems. A local security bypass vulnerability exists in Todd Miller Sudo, which allows local attackers to exploit the vulnerability to bypass security...
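Todd Miller Sudo 'validate_env_vars()' Local Privilege Escalation Vulnerability
BUGTRAQ ID: 65997 CVECAN ID: CVE-2014-0106 Sudo is a tool that lets system administrators allow ordinary users to run some or all root commands, reducing root login and administration time and improving security. In sudo versions 1.6.9 through 1.8.4p5, with envreset enabled, certain environment variables are not filtered correctly; this implementation flaw is a local privilege escalation vulnerability that a local attacker can exploit to run arbitrary commands with elevated privileges. Todd Miller Sudo 1.6.9 - 1.8.4p5 Vendor patch: Todd Miller ----------- The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page:...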
PlayStation hacker gets year of House Arrest for destroying evidence of Hack
23-year-old Todd Miller, suspected of hacking into Sony's PlayStation Network, was due to be arrested, will spend a year on house arrest, but not for the hacking. Instead, he was sentenced yesterday in federal court for obstructing a federal investigation because he smashed his computers, halting...
PlayStation hacker gets year of House Arrest for destroying evidence of Hack
23-year-old Todd Miller, suspected of hacking into Sony’s PlayStation Network, was due to be arrested, will spend a year on house arrest, but not for the hacking. Instead, he was sentenced yesterday in federal court for obstructing a federal investigation because he smashed his computers, halting...
FreeBSD : sudo -- Secure path vulnerability (d42e5b66-6ea0-11df-9c8d-00e0815b8da8)
Todd Miller reports: Most versions of the C library function getenv return the first instance of an environment variable to the caller. However, some programs, notably the GNU Bourne Again SHell bash, do their own environment parsing and may choose the last instance of a variable rather than the...
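Sudo sudoedit Path Resolution Local Privilege Escalation Vulnerability
BUGTRAQ ID: 39468 CVE ID: CVE-2010-1163 Sudo is a program that allows users to securely execute commands with other users' privileges and is widely used on Linux and Unix operating systems...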
sudo -- Privilege escalation with sudoedit
Todd Miller reports: Sudo's command matching routine expects actual commands to include one or more slash '/' characters. The flaw is that sudo's path resolution code did not add a "./" prefix to commands found in the current working directory. This creates an ambiguity between a "sudoedit" comma...
Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
Exploit for unknown platform in category local exploits. Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability. Vulnerable: Ubuntu Ubuntu Linux 9....
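Todd Miller Sudo 'runas_default' Local Privilege Escalation Vulnerability
Bugtraq ID: 38432 CVE ID: CVE-2010-0427 Sudo is a program that allows users to securely execute commands with other users' privileges and is widely used on Linux and Unix operating systems. When the "runasdefault" option is used, sudo does not correctly reset group privileges. If a local unprivileged user is authorized by the sudoers file to run sudo commands under the default user account, this can lead to privilege escalation. Todd Miller Sudo 1.6.9 p19 Todd Miller Sudo 1.6.9 p18 Todd Miller Sudo 1.6.9 p17 Todd Miller Sudo 1.6.9 p21 fixes this vulnerability; users are advised to download and use it:...
Sudo sudoedit Command Local Privilege Escalation Vulnerability
BUGTRAQ ID: 38362 CVECAN ID: CVE-2010-0426 Sudo is a program that allows users to securely execute commands with other users' privileges and is widely used on Linux and Unix operating systems. Because of an error in handling the sudoedit command, a local user with sudoedit privileges can execute arbitrary code with root privileges. A successful attack requires that the sudoedit command is not specified with a full path in the sudoers file. Todd Miller Sudo 1.7 Todd Miller Sudo 1.6 Todd Miller ----------- The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page:...
Todd Miller Sudo Runas_Alias Group Local Privilege Escalation Vulnerability
BUGTRAQ ID: 33517 CVECAN ID: CVE-2009-0034 Sudo is a program that allows users to securely execute commands with other users' privileges and is widely used on Linux and Unix operating systems. When determining which group a user belongs to, the parse.c file in sudo does not correctly interpret system groups (also known as %group) in the sudoers configuration file; a local user can use the run-as-user-in-group feature to execute sudo commands with root privileges without password authentication. Todd Miller Sudo 1.6.9p17 - 1.6.9p19 Vendor patch: RedHat ------...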