Release date:
Updated on:
Affected Systems:
Todd Miller Sudo 1.8.x
Description:
--------------------------------------------------------------------------------
Bugtraq id: 58207
Sudo is a tool that lets system administrators permit ordinary users to run some or all commands as root, reducing the time spent logged in and working as root and improving security.
A local security bypass vulnerability exists in Sudo 1.3.5-1.7.10p6 and Sudo 1.8.0-1.8.6p7. By controlling the terminals referenced by the standard input, output, and error file descriptors, an unauthenticated attacker can exploit this vulnerability to bypass security restrictions and perform unauthorized operations. In sudo 1.7.4 or earlier, the 'tty_tickets' option must be enabled for the vulnerability to be exploitable.
<* Source: Ryan Castellucci
Link: https://bugzilla.redhat.com/show_bug.cgi?id=916365
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Todd Miller
-----------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
http://www.sudo.ws/sudo/dist/
1.7.x hotfix: http://www.sudo.ws/repos/sudo/rev/0c0283d1fafa
1.8.x hotfix: http://www.sudo.ws/repos/sudo/rev/049a12a5cc14
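
To check whether an installed release needs one of these hotfixes, the following added example (not part of the original advisory or of sudo itself) classifies a sudo version string against the affected ranges given in the description. The function names and result labels are assumptions made for illustration, and the sample version strings are constructed.

```python
import re

# Affected ranges exactly as stated in the advisory (inclusive bounds).
AFFECTED_RANGES = [("1.3.5", "1.7.10p6"), ("1.8.0", "1.8.6p7")]
# At or below this release the advisory says tty_tickets must be enabled.
TTY_TICKETS_REQUIRED_UP_TO = "1.7.4"

# Release versions only: MAJOR.MINOR[.MICRO][pPATCH], e.g. 1.8.6p7
_VERSION_RE = re.compile(r"(\d+)\.(\d+)(?:\.(\d+))?(?:p(\d+))?")


def parse_version(text):
    """Turn '1.8.6p7' or 'Sudo version 1.8.6p7' into (1, 8, 6, 7)."""
    if not text.strip():
        raise ValueError("empty version string")
    # Use the last word of the first line, as printed by `sudo -V`.
    token = text.strip().splitlines()[0].split()[-1]
    m = _VERSION_RE.fullmatch(token)
    if not m:
        raise ValueError(f"unrecognised sudo version: {token!r}")
    # Missing micro or patch level sorts as 0, so 1.8.6 < 1.8.6p7 < 1.8.7.
    return tuple(int(g) if g else 0 for g in m.groups())


def assess(version_text):
    """Classify a sudo version against the advisory's affected ranges."""
    v = parse_version(version_text)
    in_range = any(parse_version(lo) <= v <= parse_version(hi)
                   for lo, hi in AFFECTED_RANGES)
    if not in_range:
        return "not-affected"
    # Assumption: patch levels of 1.7.4 (1.7.4pN) count as "1.7.4 or earlier".
    if v[:3] <= parse_version(TTY_TICKETS_REQUIRED_UP_TO)[:3]:
        return "affected-if-tty_tickets-enabled"
    return "affected"


if __name__ == "__main__":
    # Constructed sample inputs; the first mimics the first line of `sudo -V`.
    samples = ["Sudo version 1.8.6p7", "1.8.6p8", "1.7.10p6", "1.7.4", "1.8.7"]
    for sample in samples:
        print(f"{sample:24} {assess(sample)}")
```

Pass the first line of `sudo -V` output to `assess()` to classify a live host.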