CVE-2010-1163: incomplete fix for the sudoedit privilege escalation issue CVE-2010-0426

Related Vulnerabilities: CVE-2010-1163   CVE-2010-0426  

Debian Bug report logs - #578275


Package: sudo; Maintainer for sudo is Bdale Garbee <bdale@gag.com>; Source for sudo is src:sudo (PTS, buildd, popcon).

Reported by: Luciano Bello <luciano@debian.org>

Date: Sun, 18 Apr 2010 15:21:01 UTC

Severity: grave

Tags: patch, security

Found in version sudo/1.7.2p5-1

Fixed in version sudo/1.7.2p6-1

Done: Bdale Garbee <bdale@gag.com>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, Bdale Garbee <bdale@gag.com>:
Bug#578275; Package sudo. (Sun, 18 Apr 2010 15:21:04 GMT)


Acknowledgement sent to Luciano Bello <luciano@debian.org>:
New Bug report received and forwarded. Copy sent to Bdale Garbee <bdale@gag.com>. (Sun, 18 Apr 2010 15:21:04 GMT)


Message #5 received at submit@bugs.debian.org:

From: Luciano Bello <luciano@debian.org>
To: submit@bugs.debian.org
Subject: CVE-2010-1163: incomplete fix for the sudoedit privilege escalation issue CVE-2010-0426
Date: Sun, 18 Apr 2010 12:11:44 -0300
Package: sudo
Version: 1.6.9p17-2
Severity: grave
Tags: security, patch

Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for sudo.

CVE-2010-1163[0]:
| The command matching functionality in sudo 1.6.9p22 through 1.7.2p5 does not
| properly handle when a file in the current working directory has the same name
| as a pseudo-command in the sudoers file and the PATH contains an entry
| for ".", which allows local users to execute arbitrary commands via a Trojan
| horse executable, as demonstrated using sudoedit, a different vulnerability
| than CVE-2010-0426.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

For further information see:

[0] http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1163
    http://security-tracker.debian.org/tracker/CVE-2010-1163

The vulnerability only applies when the ignore_dot value is on. Lenny is not
affected since the default value is off and can be changed.

The patch: https://bugzilla.redhat.com/attachment.cgi?id=405247&action=diff

thanks, luciano
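The CVE text above names three preconditions: a sudo release between 1.6.9p22 and 1.7.2p5, a PATH that resolves the current directory, and (per the reporter) a particular ignore_dot setting. The following audit helper is an added example, not code from the bug report or from the sudo project; it parses Debian-style sudo version strings such as `1.7.2p5-1` and checks the first two conditions, leaving the sudoers `ignore_dot` review to the administrator.

```python
import re

# Range taken from the CVE-2010-1163 description quoted in the bug report:
# 1.6.9p22 through 1.7.2p5 are affected, 1.7.2p6 is the first fixed release.
FIRST_AFFECTED = "1.6.9p22"
FIRST_FIXED = "1.7.2p6"

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?:p(\d+))?$")


def parse_sudo_version(text):
    """Turn 'MAJOR.MINOR[.MICRO][pN][-debrev]' into a comparable tuple.

    The Debian revision after '-' is dropped because the CVE range is
    expressed in upstream versions; a missing pN counts as p0.
    """
    upstream = text.strip().split("-", 1)[0]
    m = _VERSION_RE.match(upstream)
    if not m:
        raise ValueError("unrecognised sudo version: %r" % text)
    major, minor, micro, plevel = m.groups()
    return (int(major), int(minor), int(micro or 0), int(plevel or 0))


def version_in_affected_range(version):
    """True when the upstream version lies in 1.6.9p22 <= v < 1.7.2p6."""
    v = parse_sudo_version(version)
    return parse_sudo_version(FIRST_AFFECTED) <= v < parse_sudo_version(FIRST_FIXED)


def path_has_cwd_entry(path):
    """The CVE needs PATH to search the current directory: an explicit '.'
    entry or an empty entry (leading, trailing or doubled colon) both do."""
    return any(entry in (".", "") for entry in path.split(":"))


def assess(version, path):
    """Combine the two machine-checkable conditions into one verdict string."""
    if not version_in_affected_range(version):
        return "not affected: version outside 1.6.9p22..1.7.2p5"
    if not path_has_cwd_entry(path):
        return "mitigated: PATH has no '.' or empty entry"
    return "review needed: affected version and PATH searches '.'; check ignore_dot in sudoers"


if __name__ == "__main__":
    # Constructed sample inputs: the versions named in this bug report.
    for ver in ("1.6.9p17-2", "1.7.2p5-1", "1.7.2p6-1"):
        print(ver, "->", assess(ver, "/usr/local/bin:/usr/bin:."))
```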

Bug Marked as found in versions sudo/1.7.2p5-1; no longer marked as found in versions sudo/1.6.9p17-2. Request was from Luciano Bello <luciano@debian.org> to control@bugs.debian.org. (Sun, 18 Apr 2010 15:51:05 GMT)


Reply sent to Bdale Garbee <bdale@gag.com>:
You have taken responsibility. (Tue, 20 Apr 2010 03:36:06 GMT)


Notification sent to Luciano Bello <luciano@debian.org>:
Bug acknowledged by developer. (Tue, 20 Apr 2010 03:36:06 GMT)


Message #12 received at 578275-close@bugs.debian.org:

From: Bdale Garbee <bdale@gag.com>
To: 578275-close@bugs.debian.org
Subject: Bug#578275: fixed in sudo 1.7.2p6-1
Date: Tue, 20 Apr 2010 03:33:07 +0000
Source: sudo
Source-Version: 1.7.2p6-1

We believe that the bug you reported is fixed in the latest version of
sudo, which is due to be installed in the Debian FTP archive:

sudo-ldap_1.7.2p6-1_i386.deb
  to main/s/sudo/sudo-ldap_1.7.2p6-1_i386.deb
sudo_1.7.2p6-1.debian.tar.gz
  to main/s/sudo/sudo_1.7.2p6-1.debian.tar.gz
sudo_1.7.2p6-1.dsc
  to main/s/sudo/sudo_1.7.2p6-1.dsc
sudo_1.7.2p6-1_i386.deb
  to main/s/sudo/sudo_1.7.2p6-1_i386.deb
sudo_1.7.2p6.orig.tar.gz
  to main/s/sudo/sudo_1.7.2p6.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 578275@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bdale Garbee <bdale@gag.com> (supplier of updated sudo package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 19 Apr 2010 10:45:47 -0600
Source: sudo
Binary: sudo sudo-ldap
Architecture: source i386
Version: 1.7.2p6-1
Distribution: unstable
Urgency: low
Maintainer: Bdale Garbee <bdale@gag.com>
Changed-By: Bdale Garbee <bdale@gag.com>
Description: 
 sudo       - Provide limited super user privileges to specific users
 sudo-ldap  - Provide limited super user privileges to specific users
Closes: 570737 578275
Changes: 
 sudo (1.7.2p6-1) unstable; urgency=low
 .
   * new upstream version fixing CVE-2010-1163, closes: #578275, #570737






Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Fri, 28 May 2010 07:40:43 GMT)




Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 16:58:43 2019; Machine Name: beach
