3

USN-905-1: sudo vulnerabilities

view full story
linux-howto

http://www.ubuntu.com – It was discovered that sudo did not reset group permissions when the 'runas_default' configuration option was used. A local attacker could exploit this to escalate group privileges if sudo was configured to allow the attacker to run commands under the runas_default account. The runas_default configuration option is not used in the default installation of Ubuntu. This issue affected Ubuntu 8.04 LTS, 8.10 and 9.04. (CVE-2010-0427) (Distributions)

hwq123's picture
Submitted by hwq123 on 02/27/2010 – Made popular on 02/27/2010

Stories similar to USN-905-1: sudo vulnerabilities

USN-906-1: CUPS vulnerabilities 3 years 11 weeks ago

It was discovered that the CUPS scheduler did not properly handle certain network operations. A remote attacker could exploit this flaw and cause the CUPS server to crash, resulting in a denial of service. This issue only affected Ubuntu 8.04 LTS, 8.10, 9.04 and 9.10. (CVE-2009-3553, CVE-2010-0302)

Ronald Volgers discovered that the CUPS lppasswd tool could be made to load

Referenced CVEs: 

CVE-2009-3229, CVE-2009-3230, CVE-2009-3231

Description: 

=========================================================== Ubuntu Security Notice USN-834-1 September 21, 2009 postgresql-8.1, postgresql-8.3 vulnerabilities CVE-2009-3229, CVE-2009-3230, CVE-2009

USN-900-1: Ruby vulnerabilities 3 years 13 weeks ago

Referenced CVEs: 

CVE-2009-1904, CVE-2009-4124, CVE-2009-4492

Description: 

=========================================================== Ubuntu Security Notice USN-900-1 February 16, 2010 ruby1.9 vulnerabilities CVE-2009-1904, CVE-2009-4124, CVE-2009-4492 ==================

Greetings,

I have a Ubuntu 12.04 device that I added to Active Directory via Likewise-Open-GUI.

I also went into the sudoers file and added the AD group (that my username is a member of) underneath the line:

Quote:

%admin ALL=(ALL) ALL

I can do sudo commands in the CLI with no issue, however, if I try to use an app like GParted or Synaptic,

Referenced CVEs: 

CVE-2010-0408, CVE-2010-0434

Description: 

=========================================================== Ubuntu Security Notice USN-908-1 March 10, 2010 apache2 vulnerabilities CVE-2010-0408, CVE-2010-0434 ================================================

I think this is a bug, but wanted to confirm here first.

I have two accounts on machine - first one was created when I built the machine and is part of sudo group.

Other account is coming from active directory, this account also has admin permissions - that is it can execute commands using sudo.

Referenced CVEs: 

CVE-2009-1571, CVE-2009-3988, CVE-2010-0159, CVE-2010-0160, CVE-2010-0162

Description: 

=========================================================== Ubuntu Security Notice USN-896-1 February 17, 2010 firefox-3.5, xulrunner-1.9.1 vulnerabilities CVE-2009-1

Referenced CVEs: 

CVE-2009-2855, CVE-2010-0308

Description: 

=========================================================== Ubuntu Security Notice USN-901-1 February 16, 2010 squid vulnerabilities CVE-2009-2855, CVE-2010-0308 ==================================================

Referenced CVEs: 

CVE-2009-4020, CVE-2009-4021, CVE-2009-4031, CVE-2009-4138, CVE-2009-4141, CVE-2009-4308, CVE-2009-4536, CVE-2009-4538, CVE-2010-0003, CVE-2010-0006, CVE-2010-0007, CVE-2010-0291

Description: 

=========================================================== Ubuntu Sec