Security update for sudo
SUSE Security Update: Security update for sudo
Announcement ID: SUSE-SU-2013:1594-1
Rating: moderate
References: #760697 #806919 #806921 #817349 #817350
Affected Products: SUSE Linux Enterprise Server 11 SP1 LTSS, SUSE Linux Enterprise Server 11 SP1 for VMware LTSS
An update that solves four vulnerabilities and has one erratum is now available. It includes one version update.
Description:
This LTSS rollup update fixes the following security issues, each of
which allowed a local user to bypass sudo's re-authentication (timestamp) checks:
*
CVE-2013-1775: sudo allowed local users or
physically-proximate attackers to bypass intended time
restrictions and retain privileges without
re-authenticating by setting the system clock and sudo user
timestamp to the epoch.
*
CVE-2013-1776: sudo, when the tty_tickets option is
enabled, did not properly validate the controlling terminal
device, which allowed local users with sudo permissions to
hijack the authorization of another terminal via vectors
related to connecting to a standard input, output, and
error file descriptors of another terminal.
*
CVE-2013-2776: sudo, when running on systems without
/proc or the sysctl function with the tty_tickets option
enabled, did not properly validate the controlling terminal
device, which allowed local users with sudo permissions to
hijack the authorization of another terminal via vectors
related to connecting to a standard input, output, and
error file descriptors of another terminal.
*
CVE-2013-2777: sudo, when the tty_tickets option is
enabled, did not properly validate the controlling terminal
device, which allowed local users with sudo permissions to
hijack the authorization of another terminal via vectors
related to a session without a controlling terminal device
and connecting to a standard input, output, and error file
descriptors of another terminal.
Also a non-security bug was fixed:
* set global ldap option before ldap init (bnc#760697)
Security Issue references:
* CVE-2013-1775
* CVE-2013-1776
* CVE-2013-2776
* CVE-2013-2777
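The CVE-2013-1775 entry above states the trigger (system clock and user timestamp both at the epoch) but not why that combination passes. The following Python is an added example, not code from SUSE or from the sudo project: it models sudo's per-user timestamp ("ticket") check before and after the fix so the bypass can be stepped through offline. Its assumptions are stated in the comments: that sudo 1.7.x's `sudo -k` invalidated a ticket by stamping it with the epoch rather than deleting it, that the pre-fix check already discarded tickets dated far in the future but had no special case for an mtime of zero, and that the hardened check treats an absent or epoch-dated ticket as no credential. Function and constant names are the example's own.

```python
# Added example (not SUSE's or sudo's own code): a model of sudo's per-user
# timestamp check that reproduces the CVE-2013-1775 condition.
# Modeling assumptions, labelled here:
#   * `sudo -k` in sudo 1.7.x kept the ticket file and set its mtime to the
#     epoch (0) instead of removing it.
#   * The pre-fix check discarded tickets dated more than two timeouts into
#     the future, but treated an mtime of 0 like any other past time.
#   * The hardened check adds one rule: an absent or epoch-dated ticket is
#     never a credential, and `sudo -k` removes the file outright.

TIMEOUT = 5 * 60   # sudo's default timestamp_timeout is 5 minutes
EPOCH = 0          # 1970-01-01T00:00:00Z as a Unix time


def _within_window(ticket_mtime, now, timeout):
    """Rule shared by both checks: reject a ticket dated well into the future
    (the clock moved), accept one written less than `timeout` seconds ago."""
    if ticket_mtime > now + 2 * timeout:   # modeled "timestamp too far in the future"
        return False
    return now - ticket_mtime < timeout


def vulnerable_ticket_valid(ticket_mtime, now, timeout=TIMEOUT):
    """Modeled pre-fix check: no special meaning for an epoch-dated ticket."""
    if ticket_mtime is None:               # no ticket file at all
        return False
    return _within_window(ticket_mtime, now, timeout)


def fixed_ticket_valid(ticket_mtime, now, timeout=TIMEOUT):
    """Modeled post-fix check: an epoch-dated ticket is an invalidated one."""
    if ticket_mtime is None or ticket_mtime == EPOCH:
        return False
    return _within_window(ticket_mtime, now, timeout)


def vulnerable_sudo_k():
    """Modeled pre-fix `sudo -k`: keep the file, stamp it with the epoch."""
    return EPOCH


def fixed_sudo_k():
    """Modeled post-fix `sudo -k`: remove the ticket, so no mtime exists."""
    return None


def epoch_attack(real_now):
    """Step through the reported bypass against both checks.

    1. The user authenticated earlier, then ran `sudo -k` to drop the ticket.
    2. The user (or someone at the console) winds the system clock to the epoch.
    3. sudo runs again and reads the ticket: is the password prompt skipped?
    Returns a dict of scenario name -> privileges retained without a password.
    """
    results = {}
    # Pre-fix: ticket mtime 0, clock at 0 -> 0 - 0 < 300 -> accepted.
    results["vulnerable"] = vulnerable_ticket_valid(vulnerable_sudo_k(), EPOCH)
    # Post-fix: `sudo -k` removed the file, so there is nothing to accept.
    results["fixed"] = fixed_ticket_valid(fixed_sudo_k(), EPOCH)
    # Post-fix, with an epoch-stamped file left over from the old sudo: still rejected.
    results["fixed_leftover_epoch_file"] = fixed_ticket_valid(EPOCH, EPOCH)
    # Sanity check: an honest ticket written 60 s ago passes on both.
    results["honest_use"] = (vulnerable_ticket_valid(real_now - 60, real_now)
                             and fixed_ticket_valid(real_now - 60, real_now))
    return results


if __name__ == "__main__":
    import time
    for name, retained in epoch_attack(int(time.time())).items():
        print(f"{name:26s} retained privileges without password: {retained}")
```

Run directly, the script prints the four outcomes; the only line that differs between the two checks is the epoch-stamped ticket read while the clock sits at the epoch. Note that the future-timestamp rule alone does not help here, because a clock wound back to 1970 makes an epoch-dated ticket look current rather than future. On a real host the ticket directory is root-owned and cannot be inspected by the unprivileged user who would exploit this, so the practical check is that the installed package is at least the version given in the Package List.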
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP1 for VMware LTSS:
zypper in -t patch slessp1-sudo-8428
- SUSE Linux Enterprise Server 11 SP1 LTSS:
zypper in -t patch slessp1-sudo-8428
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP1 for VMware LTSS (i586 x86_64) [New Version: 1.7.6p2]:
- sudo-1.7.6p2-0.2.12.5
- SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64) [New Version: 1.7.6p2]:
- sudo-1.7.6p2-0.2.12.5
References:
- http://support.novell.com/security/cve/CVE-2013-1775.html
- http://support.novell.com/security/cve/CVE-2013-1776.html
- http://support.novell.com/security/cve/CVE-2013-2776.html
- http://support.novell.com/security/cve/CVE-2013-2777.html
- https://bugzilla.novell.com/760697
- https://bugzilla.novell.com/806919
- https://bugzilla.novell.com/806921
- https://bugzilla.novell.com/817349
- https://bugzilla.novell.com/817350
- http://download.suse.com/patch/finder/?keywords=66b1eced1248cd2a904f88f64ac445fc