FreeBSD : sudo -- netmask vulnerability (b3435b68-9ee8-11e1-997c-002354ed89bc)

high Nessus Plugin ID 59169

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Todd Miller reports :

Sudo supports granting access to commands on a per-host basis. The host specification may be in the form of a host name, a netgroup, an IP address, or an IP network (an IP address with an associated netmask).

When IPv6 support was added to sudo, a bug was introduced that caused the IPv6 network matching code to be called when an IPv4 network address does not match. Depending on the value of the uninitialized portion of the IPv6 address, it is possible for the IPv4 network number to match when it should not. This bug only affects IP network matching and does not affect simple IP address matching.

The reported configuration that exhibited the bug was an LDAP-based sudo installation where the sudoRole object contained multiple sudoHost entries, each containing a different IPv4 network. File-based sudoers should be affected as well as the same matching code is used.

Solution

Update the affected package.

See Also

https://www.sudo.ws/sudo/alerts/netmask.html

http://www.nessus.org/u?e1c17dde

Plugin Details

Severity: High

ID: 59169

File Name: freebsd_pkg_b3435b689ee811e1997c002354ed89bc.nasl

Version: 1.7

Type: local

Published: 5/17/2012

Updated: 1/6/2021

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:sudo, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 5/16/2012

Vulnerability Publication Date: 5/16/2012

Reference Information

CVE: CVE-2012-2337