FreeBSD : doas -- Prevent passing of environment variables (7f7d6412-bae5-11e9-be92-3085a9a95629)

high Nessus Plugin ID 127548

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Jesse Smith (upstream author of the doas program) reported:

Previous versions of 'doas' transferred most environment variables, such as USER, HOME, and PATH, from the original user to the target user.

Passing these variables could cause files in the wrong path or home directory to be read (or written to), which resulted in potential security problems.

Many thanks to Sander Bos for reporting this issue and explaining how it can be exploited.

Solution

Update the affected package.

See Also

https://marc.info/?l=openbsd-tech&m=156105665713340&w=2

https://github.com/slicer69/doas/releases/tag/6.1

http://www.nessus.org/u?00b6d1a2

Plugin Details

Severity: High

ID: 127548

File Name: freebsd_pkg_7f7d6412bae511e9be923085a9a95629.nasl

Version: 1.2

Type: local

Published: 8/12/2019

Updated: 8/20/2019

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:doas, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 8/9/2019

Vulnerability Publication Date: 8/3/2019