Vulnerability: sudo

Affected: sudo

Description

Chris Wilson found the following. There is a command-line overflow in sudo: a sufficiently long argument causes sudo to crash after it writes its log message. Note that the crash occurs both after a failed password attempt and when the user is not in the sudoers file, so it is reached before any authorization decision. For example:

    bash-2.04$ sudo /bin/true `perl -e 'print "A"x10000'`
    Password:
    Sorry, try again.
    Password:
    sudo: 1 incorrect password attempt
    Segmentation fault
    bash-2.04$ sudo /bin/true `perl -e 'print "A"x10000'`
    chris is not in the sudoers file. This incident will be reported.
    Segmentation fault
    bash-2.04$ sudo -V
    Sudo version 1.6.3
    bash-2.04$ cat /etc/issue
    Red Hat Linux release 7.0 (Guinness)
    Kernel 2.2.16-22 on an i686
    bash-2.04$ rpm -q sudo
    sudo-1.6.3-4

Solution

The solution is, of course, to upgrade to version 1.6.3p6.

For Immunix:
    http://immunix.org/ImmunixOS/7.0/updates/RPMS/sudo-1.6.3p6-1_imnx_1.i386.rpm
    http://immunix.org/ImmunixOS/7.0/updates/SRPMS/sudo-1.6.3p6-1_imnx_1.src.rpm

For Linux-Mandrake:
    Linux-Mandrake 7.1:
        7.1/RPMS/sudo-1.6.3p6-1.2mdk.i586.rpm
        7.1/SRPMS/sudo-1.6.3p6-1.2mdk.src.rpm
    Linux-Mandrake 7.2:
        7.2/RPMS/sudo-1.6.3p6-1.1mdk.i586.rpm
        7.2/SRPMS/sudo-1.6.3p6-1.1mdk.src.rpm
    Corporate Server 1.0.1:
        1.0.1/RPMS/sudo-1.6.3p6-1.2mdk.i586.rpm
        1.0.1/SRPMS/sudo-1.6.3p6-1.2mdk.src.rpm

For Trustix:
    sudo-1.6.3p6-1tr.i586.rpm

For Conectiva Linux:
    ftp://atualizacoes.conectiva.com.br/4.0/SRPMS/sudo-1.6.3p6-1cl.src.rpm
    ftp://atualizacoes.conectiva.com.br/4.0/i386/sudo-1.6.3p6-1cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/4.0/i386/sudo-doc-1.6.3p6-1cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/4.0es/SRPMS/sudo-1.6.3p6-1cl.src.rpm
    ftp://atualizacoes.conectiva.com.br/4.0es/i386/sudo-1.6.3p6-1cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/4.0es/i386/sudo-doc-1.6.3p6-1cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/4.1/SRPMS/sudo-1.6.3p6-1cl.src.rpm
    ftp://atualizacoes.conectiva.com.br/4.1/i386/sudo-1.6.3p6-1cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/4.1/i386/sudo-doc-1.6.3p6-1cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/4.2/SRPMS/sudo-1.6.3p6-1cl.src.rpm
    ftp://atualizacoes.conectiva.com.br/4.2/i386/sudo-1.6.3p6-1cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/4.2/i386/sudo-doc-1.6.3p6-1cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/sudo-1.6.3p6-1cl.src.rpm
    ftp://atualizacoes.conectiva.com.br/5.0/i386/sudo-1.6.3p6-1cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/5.0/i386/sudo-doc-1.6.3p6-1cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/sudo-1.6.3p6-1cl.src.rpm
    ftp://atualizacoes.conectiva.com.br/5.1/i386/sudo-1.6.3p6-1cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/5.1/i386/sudo-doc-1.6.3p6-1cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/sudo-1.6.3p6-1cl.src.rpm
    ftp://atualizacoes.conectiva.com.br/6.0/RPMS/sudo-1.6.3p6-1cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/6.0/RPMS/sudo-doc-1.6.3p6-1cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/SRPMS/sudo-1.6.3p6-1cl.src.rpm
    ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/sudo-1.6.3p6-1cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/sudo-doc-1.6.3p6-1cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/SRPMS/sudo-1.6.3p6-1cl.src.rpm
    ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/sudo-1.6.3p6-1cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/sudo-doc-1.6.3p6-1cl.i386.rpm

For Debian:
    http://security.debian.org/debian-security/dists/stable/updates/main/source/sudo_1.6.2p2-1potato1.diff.gz
    http://security.debian.org/debian-security/dists/stable/updates/main/source/sudo_1.6.2p2-1potato1.dsc
    http://security.debian.org/debian-security/dists/stable/updates/main/source/sudo_1.6.2p2.orig.tar.gz
    http://security.debian.org/debian-security/dists/stable/updates/main/binary-alpha/sudo_1.6.2p2-1potato1_alpha.deb
    http://security.debian.org/debian-security/dists/stable/updates/main/binary-arm/sudo_1.6.2p2-1potato1_arm.deb
    http://security.debian.org/debian-security/dists/stable/updates/main/binary-i386/sudo_1.6.2p2-1potato1_i386.deb
    http://security.debian.org/debian-security/dists/stable/updates/main/binary-m68k/sudo_1.6.2p2-1potato1_m68k.deb
    http://security.debian.org/debian-security/dists/stable/updates/main/binary-sparc/sudo_1.6.2p2-1potato1_sparc.deb

For Slackware:
    ftp://ftp.slackware.com/pub/slackware/slackware-current/slakware/ap1/sudo.tgz
    ftp://ftp.slackware.com/pub/slackware/slackware-7.1/patches/packages/sudo.tgz
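The advisory's remedy is a version bump to 1.6.3p6, and the only version signal it shows is the first line of "sudo -V". The script below is an added example, not part of the advisory and not sudo's or any vendor's code: it parses that banner into (major, minor, patch, p-level), compares it against 1.6.3p6, and tells an administrator whether the installed sudo is still in the vulnerable range. It assumes upstream-style version strings such as 1.6.3 or 1.6.3p6; vendor packages that carry backported fixes under an older upstream number (the Debian 1.6.2p2-1potato1 packages above, for instance) must be judged by the vendor's own advisory, which a bare version compare cannot know about.

```shell
#!/bin/sh
# Added example: check whether a "sudo -V" banner is at or above the fixed
# release named in the advisory. Assumption: versions look like
# MAJOR.MINOR.PATCH[pN][-distro-suffix]; distro suffixes are ignored.

FIXED_VERSION="1.6.3p6"

# Print "MAJOR MINOR PATCH P" for a version such as 1.6.3p6 (P is 0 when
# there is no pN component; a missing PATCH is also 0).
split_version() {
    v=$1
    base=${v%%p*}          # 1.6.3       (everything before the first 'p')
    p=${v#"$base"}         # p6-1cl      (remainder, if any)
    p=${p#p}               # 6-1cl
    p=${p%%[!0-9]*}        # 6           (drop any distro release suffix)
    [ -n "$p" ] || p=0
    maj=${base%%.*}
    rest=${base#*.}
    min=${rest%%.*}
    pat=${rest#*.}
    [ "$pat" = "$rest" ] && pat=0   # only two components were given
    pat=${pat%%[!0-9]*}
    echo "$maj $min $pat $p"
}

# Return 0 (true) when version $1 >= version $2, comparing the four fields
# numerically in order, so 1.6.3 < 1.6.3p6 < 1.6.4 < 1.7.
version_ge() {
    set -- $(split_version "$1") $(split_version "$2")
    a1=$1 a2=$2 a3=$3 a4=$4 b1=$5 b2=$6 b3=$7 b4=$8
    for pair in "$a1 $b1" "$a2 $b2" "$a3 $b3" "$a4 $b4"; do
        set -- $pair
        [ "$1" -gt "$2" ] && return 0
        [ "$1" -lt "$2" ] && return 1
    done
    return 0
}

# Take the first line of "sudo -V" (e.g. "Sudo version 1.6.3") and return
# 0 if the reported release is at or above FIXED_VERSION, 1 if it is older,
# 2 if the banner could not be parsed at all.
sudo_banner_is_fixed() {
    ver=$(printf '%s\n' "$1" | sed -n 's/^Sudo version \([0-9][0-9.]*p*[0-9]*\).*/\1/p')
    [ -n "$ver" ] || { echo "unrecognised banner: $1" >&2; return 2; }
    version_ge "$ver" "$FIXED_VERSION"
}

# Usage on a real host: sh check-sudo.sh --check
if [ "${1:-}" = "--check" ]; then
    banner=$(sudo -V 2>/dev/null | head -n 1)
    if sudo_banner_is_fixed "$banner"; then
        echo "sudo is at or above $FIXED_VERSION ($banner)"
    else
        echo "sudo is older than $FIXED_VERSION ($banner): upgrade"
    fi
fi
```

The compare treats the "pN" patch level as a fourth numeric field, which is what makes 1.6.3 sort below 1.6.3p6 rather than equal to it; a plain string comparison would get that wrong.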