Linux vulnerability (sudo) enables users to obtain root privileges

  • 540
  •  
  •  
  •  
  •  
  •  
  •  
    540
    Shares

A critical Linux vulnerability has been discovered by researchers at Qualys, the vulnerability (CVE-2017-1000367) could be exploited by a low privileged user to gain full root access on a vulnerable system.The high severity flaw allows local users with privileges to execute commands via Sudo and could end in the user being able to escalate their privileges to root.

The high severity flaw allows local users with privileges to execute commands via Sudo and could end in the user being able to escalate their privileges to root. Sudo is a program for Linux and UNIX systems that enables regular users to run specific commands as a superuser, such as adding users or performing system updates.

Sudo is a program for Linux and UNIX systems that enables regular users to run specific commands as a superuser, such as adding users or performing system updates.”On Linux systems,

“On Linux systems, sudo parses the /proc/[pid]/stat file to determine the device number of the process’s tty (field 7). The fields in the file are space-delimited, but it is possible for the command name (field 2) to include white space (including newline), which sudo does not account for,” the sudo advisory said. “A user with sudo privileges can cause sudo to use a device number of the user’s choosing by creating a symbolic link from the sudo binary to a name that contains a space, followed by a number.””If SELinux is enabled on the system and

“If SELinux is enabled on the system and sudo was built with SELinux support, a user with sudo privileges may be able to to overwrite an arbitrary file. This can be escalated to full root access by rewriting a trusted file such as /etc/shadow or even /etc/sudoers.”

The Linux vulnerability affects Sudo 1.8.6p7 through 1.8.20 inclusive. The flaw has been fixed in sudo 1.8.20p1.

Avatar

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

Do NOT follow this link or you will be banned from the site!