Gentoo: GLSA-201006-09: sudo: Privilege escalation
Summary
The command matching functionality does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH contains an entry for ".".
Resolution
All sudo users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-admin/sudo-1.7.2_p6"
References
[ 1 ] CVE-2010-1163 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1163
Availability
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201006-09
Concerns
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
Synopsis
A flaw in sudo's -e option may allow local attackers to execute arbitrary commands.
Background
sudo allows a system administrator to give users the ability to run commands as other users.
Affected Packages
------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-admin/sudo < 1.7.2_p6 >= 1.7.2_p6
Impact
===== A local attacker with the permission to run sudoedit could, under certain circumstances, execute arbitrary commands as whichever user he has permission to run sudoedit as, typically root.
Workaround
There is no known workaround at this time.