CentOS Local Security Checks : CentOS Update for sudo CESA-2010:0122 centos5 i386

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.880587

Categoría: CentOS Local Security Checks

Título: CentOS Update for sudo CESA-2010:0122 centos5 i386

Resumen: The remote host is missing an update for the 'sudo'; package(s) announced via the referenced advisory.

Descripción: Summary:
The remote host is missing an update for the 'sudo'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The sudo (superuser do) utility allows system administrators to give
certain users the ability to run commands as root.

A privilege escalation flaw was found in the way sudo handled the sudoedit
pseudo-command. If a local user were authorized by the sudoers file to use
this pseudo-command, they could possibly leverage this flaw to execute
arbitrary code with the privileges of the root user. (CVE-2010-0426)

The sudo utility did not properly initialize supplementary groups when the
'runas_default' option (in the sudoers file) was used. If a local user
were authorized by the sudoers file to perform their sudo commands under
the account specified with 'runas_default', they would receive the root
user's supplementary groups instead of those of the intended target user,
giving them unintended privileges. (CVE-2010-0427)

Users of sudo should upgrade to this updated package, which contains
backported patches to correct these issues.

Affected Software/OS:
sudo on CentOS 5

Solution:
Please install the updated packages.

CVSS Score:
6.9

CVSS Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-0426
1023658
http://securitytracker.com/id?1023658
20101027 rPSA-2010-0075-1 sudo
http://www.securityfocus.com/archive/1/514489/100/0/threaded
38362
http://www.securityfocus.com/bid/38362
38659
http://secunia.com/advisories/38659
38762
http://secunia.com/advisories/38762
38795
http://secunia.com/advisories/38795
38803
http://secunia.com/advisories/38803
38915
http://secunia.com/advisories/38915
39399
http://secunia.com/advisories/39399
ADV-2010-0450
http://www.vupen.com/english/advisories/2010/0450
ADV-2010-0949
http://www.vupen.com/english/advisories/2010/0949
DSA-2006
http://www.debian.org/security/2010/dsa-2006
FEDORA-2010-6701
http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040578.html
FEDORA-2010-6749
http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040588.html
GLSA-201003-01
http://www.gentoo.org/security/en/glsa/glsa-201003-01.xml
MDVSA-2010:049
http://www.mandriva.com/security/advisories?name=MDVSA-2010:049
SSA:2010-110-01
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.577019
SUSE-SR:2010:006
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html
USN-905-1
http://www.ubuntu.com/usn/USN-905-1
ftp://ftp.sudo.ws/pub/sudo/sudo-1.6.9p21.patch.gz
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=570737
http://sudo.ws/bugs/show_bug.cgi?id=389
http://sudo.ws/repos/sudo/rev/88f3181692fe
http://sudo.ws/repos/sudo/rev/f86e1b56d074
http://wiki.rpath.com/Advisories:rPSA-2010-0075
http://www.linuxquestions.org/questions/linux-security-4/the-use-of-sudoedit-command-question-785442/
http://www.sudo.ws/sudo/stable.html
oval:org.mitre.oval:def:10814
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10814
oval:org.mitre.oval:def:7238
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7238
Common Vulnerability Exposure (CVE) ID: CVE-2010-0427
[oss-security] 20100223 CVE assignment notification -- CVE-2010-0427 -- sudo fails to reset group permissions if runas_default set
http://www.openwall.com/lists/oss-security/2010/02/23/4
[oss-security] 20100224 Re: CVE assignment notification -- CVE-2010-0427 -- sudo fails to reset group permissions if runas_default set
http://www.openwall.com/lists/oss-security/2010/02/24/5
http://sudo.ws/repos/sudo/rev/aa0b6c01c462
http://www.gratisoft.us/bugzilla/attachment.cgi?id=255
http://www.gratisoft.us/bugzilla/show_bug.cgi?id=349
http://www.sudo.ws/cgi-bin/cvsweb/sudo/set_perms.c.diff?r1=1.30.2.7&r2=1.30.2.8
https://bugzilla.redhat.com/show_bug.cgi?id=567622
oval:org.mitre.oval:def:10946
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10946
oval:org.mitre.oval:def:7216
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7216

Copyright Copyright (C) 2011 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.880587
Categoría:	CentOS Local Security Checks
Título:	CentOS Update for sudo CESA-2010:0122 centos5 i386
Resumen:	The remote host is missing an update for the 'sudo'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'sudo' package(s) announced via the referenced advisory. Vulnerability Insight: The sudo (superuser do) utility allows system administrators to give certain users the ability to run commands as root. A privilege escalation flaw was found in the way sudo handled the sudoedit pseudo-command. If a local user were authorized by the sudoers file to use this pseudo-command, they could possibly leverage this flaw to execute arbitrary code with the privileges of the root user. (CVE-2010-0426) The sudo utility did not properly initialize supplementary groups when the 'runas_default' option (in the sudoers file) was used. If a local user were authorized by the sudoers file to perform their sudo commands under the account specified with 'runas_default', they would receive the root user's supplementary groups instead of those of the intended target user, giving them unintended privileges. (CVE-2010-0427) Users of sudo should upgrade to this updated package, which contains backported patches to correct these issues. Affected Software/OS: sudo on CentOS 5 Solution: Please install the updated packages. CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0426 1023658 http://securitytracker.com/id?1023658 20101027 rPSA-2010-0075-1 sudo http://www.securityfocus.com/archive/1/514489/100/0/threaded 38362 http://www.securityfocus.com/bid/38362 38659 http://secunia.com/advisories/38659 38762 http://secunia.com/advisories/38762 38795 http://secunia.com/advisories/38795 38803 http://secunia.com/advisories/38803 38915 http://secunia.com/advisories/38915 39399 http://secunia.com/advisories/39399 ADV-2010-0450 http://www.vupen.com/english/advisories/2010/0450 ADV-2010-0949 http://www.vupen.com/english/advisories/2010/0949 DSA-2006 http://www.debian.org/security/2010/dsa-2006 FEDORA-2010-6701 http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040578.html FEDORA-2010-6749 http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040588.html GLSA-201003-01 http://www.gentoo.org/security/en/glsa/glsa-201003-01.xml MDVSA-2010:049 http://www.mandriva.com/security/advisories?name=MDVSA-2010:049 SSA:2010-110-01 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.577019 SUSE-SR:2010:006 http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html USN-905-1 http://www.ubuntu.com/usn/USN-905-1 ftp://ftp.sudo.ws/pub/sudo/sudo-1.6.9p21.patch.gz http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=570737 http://sudo.ws/bugs/show_bug.cgi?id=389 http://sudo.ws/repos/sudo/rev/88f3181692fe http://sudo.ws/repos/sudo/rev/f86e1b56d074 http://wiki.rpath.com/Advisories:rPSA-2010-0075 http://www.linuxquestions.org/questions/linux-security-4/the-use-of-sudoedit-command-question-785442/ http://www.sudo.ws/sudo/stable.html oval:org.mitre.oval:def:10814 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10814 oval:org.mitre.oval:def:7238 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7238 Common Vulnerability Exposure (CVE) ID: CVE-2010-0427 [oss-security] 20100223 CVE assignment notification -- CVE-2010-0427 -- sudo fails to reset group permissions if runas_default set http://www.openwall.com/lists/oss-security/2010/02/23/4 [oss-security] 20100224 Re: CVE assignment notification -- CVE-2010-0427 -- sudo fails to reset group permissions if runas_default set http://www.openwall.com/lists/oss-security/2010/02/24/5 http://sudo.ws/repos/sudo/rev/aa0b6c01c462 http://www.gratisoft.us/bugzilla/attachment.cgi?id=255 http://www.gratisoft.us/bugzilla/show_bug.cgi?id=349 http://www.sudo.ws/cgi-bin/cvsweb/sudo/set_perms.c.diff?r1=1.30.2.7&r2=1.30.2.8 https://bugzilla.redhat.com/show_bug.cgi?id=567622 oval:org.mitre.oval:def:10946 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10946 oval:org.mitre.oval:def:7216 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7216
Copyright	Copyright (C) 2011 Greenbone AG