FreeBSD : sudo -- local race condition vulnerability (3bf157fa-e1c6-11d9-b875-0001020eed82)

This script is Copyright (C) 2005-2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Todd C. Miller reports :

A race condition in Sudo's command pathname handling prior to Sudo
version 1.6.8p9 that could allow a user with Sudo privileges to run
arbitrary commands.

Exploitation of the bug requires that the user be allowed to run one
or more commands via Sudo and be able to create symbolic links in the
filesystem. Furthermore, a sudoers entry giving another user access to
the ALL pseudo-command must follow the user's sudoers entry for the
race to exist.

See also :

http://marc.info/?l=bugtraq&m=111928183431376
http://www.nessus.org/u?265dc656

Solution :

Update the affected package.

Risk factor :

Low / CVSS Base Score : 3.7
(CVSS2#AV:L/AC:H/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 3.2
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 18906 (freebsd_pkg_3bf157fae1c611d9b8750001020eed82.nasl)

Bugtraq ID: 13993

CVE ID: CVE-2005-1993

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now