FreeBSD : sudo -- local privilege escalation (908f4cf2-1e8b-11e0-a587-001b77d09812)

Nessus Plugin ID 51521 (severity: medium)

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Todd Miller reports:

Beginning with sudo version 1.7.0 it has been possible to grant permission to run a command using a specified group via sudo's -g option (run as group), if allowed by the sudoers file. A flaw exists in sudo's password checking logic that allows a user to run a command with only the group changed without being prompted for a password.

Solution

Update the affected package.

See Also

https://www.sudo.ws/sudo/alerts/runas_group_pw.html

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=609641

http://www.nessus.org/u?4183880e

Plugin Details

Severity: Medium

ID: 51521

File Name: freebsd_pkg_908f4cf21e8b11e0a587001b77d09812.nasl

Version: 1.11

Type: local

Published: 1/14/2011

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 4.4

Vector: CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:sudo, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 1/13/2011

Vulnerability Publication Date: 1/11/2011

Reference Information

CVE: CVE-2011-0010