First Last Prev Next    This bug is not in your last search results.
Bug 825 - Security Issue on Sudo
Security Issue on Sudo
Status: RESOLVED INVALID
Product: Sudo
Classification: Unclassified
Component: Sudo
1.8.19
All All
: low security
Assigned To: Todd C. Miller
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2018-02-27 03:49 MST by Saker
Modified: 2018-02-27 09:16 MST (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Saker 2018-02-27 03:49:39 MST 
if user has sudo permission on more/less command, he can break the sudo and get root permission.

follow these steps to test if you vulnerable or not:
- sudo less /etc/passwd
- then write "!/bin/sh"

it will redirect you to session with root privilege.


Ref.
http://computersecuritystudent.com/UNIX/SUDO/lesson2/index.html
Comment 1 Todd C. Miller 2018-02-27 09:16:06 MST 
This is a well known limitation of sudo.  Please read the "Preventing shell escapes" section in the sudoers manual for ways to solve this.
First Last Prev Next    This bug is not in your last search results.