OSVDB ID: 20764

Title: sudo PERL5OPT Environment Cleaning Multiple Variable Privilege Escalation

Info

Disclosure

Nov 10, 2005

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Nov 10, 2005

Description

sudo contain a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a user is able to run perl scripts via sudo, and the perl scripts to not have the taint flag (-T). This flaw may lead to a loss of integrity.

Classification

Location: Local Access Required
Attack Type: Other
Impact: Loss of Integrity
Solution: Workaround, Patch / RCS, Upgrade
Exploit: Exploit Public
Disclosure: Vendor Verified, Vendor Verified, Third-party Verified, Coordinated Disclosure

Solution

Upgrade to version 1.6.8p12 or higher, as it has been reported to fix this vulnerability. An administrator can also apply the following workaround: Add 'Defaults env_delete+="PERLLIB PERL5LIB PERL5OPT"' to the top of the sudoers file to strip out the offending variables.

Products

Sudo	Sudo	1.6.3p7
		1.6.8p7
		1.3.1p12
		1.5.6
		1.6.4
		1.6.8p8
		1.3.1p14
		1.3.1p13
		1.6.4p1
		1.3.2 BETA
		1.6.4p2
		1.3.3 BETA
		1.3.4 BETA
		1.3.5 BETA
		1.3.1
		1.6.5p2
		1.6.5
		1.3.6 BETA
		1.5.7
		1.6.6
		1.6.5p1
		1.5.8
		1.6.7
		1.3.7 GAMMA
		1.5.8p1
		1.6.7p1
		1.4
		1.5.8p2
		1.6.7p2
		1.4.1
		1.6
		1.6.7p3
		1.4.3
		1.3.1p2
		1.4.2
		1.6.1
		1.6.7p4
		1.3.1p4
		1.4.4
		1.3.1p3
		1.6.2
		1.6.7p5
		1.3.1p5
		1.4.5
		1.6.8
		1.3.1p6
		1.5
		1.3.1p7
		1.5.1
		1.6.3
		1.6.8p2
		1.3.1p8
		1.5.2
		1.6.3p3
		1.6.3p1
		1.6.8p3
		1.6.8p1
		1.5.3
		1.6.3p4
		1.6.3p2
		1.6.8p4
		1.3.1p9
		1.6.3p5
		1.6.8p5
1.3.1p10
1.5.4
1.5.5
1.3.1p11
1.6.8p6
1.6.3p6
1.6.8p9
1.6.8p10
1.6.8p11