Topic: sudo privilege escalation vulnerability - widespread

Scott
sudo privilege escalation vulnerability - widespread
« on: October 16, 2019, 10:42:50 am »
It was reported earlier this week that a privilege escalation vulnerability exists in all current versions of sudo affecting practically every Linux/Unix install out there. This permits any user with shell access to run commands as root, without the required password. Below are a couple of links for bathroom reading. :)

https://www.bleepingcomputer.com/news/linux/linux-sudo-bug-lets-you-run-commands-as-root-most-installs-unaffected/
https://threatpost.com/sudo-bug-root-access-linux/149169/
https://usn.ubuntu.com/4154-1/

Jason
Re: sudo privilege escalation vulnerability - widespread
« Reply #1 on: October 16, 2019, 08:37:22 pm »
Hey Scott! Long time no see (or read).

Thanks for the info. Kubuntu had an update before I even read about it, maybe the same day that it appeared in the media. The update came through the Ubuntu channel, of course. I might save the reading material for later as I'm pretty involved in the election and (surprisingly perhaps) I don't want to do anything that actually requires thinking in my free time. :-)

You did remind me to update the PLUG server although there aren't any other users other than me. Still sounds scary enough that I won't be able to sleep without fixing it.

Don't be a stranger - we miss your insights here.
« Last Edit: October 16, 2019, 08:38:55 pm by Jason Wallwork »
"With all its sham, drudgery, and broken dreams, it is still a beautiful world." - Max Ehrmann, Desiderata

Jason
Re: sudo privilege escalation vulnerability - widespread
« Reply #2 on: October 16, 2019, 08:54:40 pm »
I should have read the first article. The server was unaffected by the vulnerability as it doesn't use any sudo directives.

It seems odd that my desktop would have directives as I didn't add any but look at the sudoers file:
Code:
#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults        env_reset
Defaults        mail_badpass
Defaults        secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"

# Host alias specification

# User alias specification

# Cmnd alias specification

# User privilege specification
root    ALL=(ALL:ALL) ALL

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL

# See sudoers(5) for more information on "#include" directives:

#includedir /etc/sudoers.d

Yikes! Any member of the admin or sudo group can execute ANY command. Seems like overkill. At least nobody else uses my machine (not even remotely).
« Last Edit: October 16, 2019, 08:56:38 pm by Jason Wallwork »
"With all its sham, drudgery, and broken dreams, it is still a beautiful world." - Max Ehrmann, Desiderata
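
An added example, not part of either poster's message: a small Python audit that reads sudoers privilege rules like the ones posted above and reports which principals get unrestricted rights and which rules use a Runas list with an exclusion. It assumes, from the linked advisories rather than from the thread, that the configuration of concern is a Runas list combining ALL with an exclusion such as !root; the "alice" and "bob" entries are hypothetical and the parser handles only simple single-host rules.

```python
import re

# Constructed sample: the rule lines from the sudoers file posted above, plus
# two hypothetical entries (users "alice" and "bob") added for contrast.
SAMPLE_SUDOERS = """\
Defaults        env_reset
# User privilege specification
root    ALL=(ALL:ALL) ALL
%admin ALL=(ALL) ALL
%sudo   ALL=(ALL:ALL) ALL
alice   ALL=(ALL, !root) /usr/bin/vi
bob     ALL=(www-data) NOPASSWD: /usr/bin/systemctl restart nginx
#includedir /etc/sudoers.d
"""

# who  host = (runas-users[:runas-groups])  [TAG:]... commands
RULE = re.compile(r"^(?P<who>\S+)\s+(?P<host>[^=\s]+)\s*=\s*"
                  r"(?:\((?P<runas>[^)]*)\)\s*)?(?P<cmds>.+)$")

def audit_sudoers(text):
    """Return one dict per privilege rule with the flags an auditor cares about."""
    findings = []
    for raw in text.splitlines():
        line = raw.strip()
        # Skip blanks, comments/#include lines, Defaults and alias definitions.
        if not line or line.startswith(("#", "@", "Defaults")) or "_Alias" in line:
            continue
        m = RULE.match(line)
        if not m:
            continue
        # With no Runas list, sudo runs the command as root.
        runas = "root" if m["runas"] is None else m["runas"]
        # Keep the user part only (text before ':' is users, after is groups).
        runas_users = [u.strip() for u in runas.split(":")[0].split(",") if u.strip()]
        # Drop leading tags such as NOPASSWD: before comparing the command list.
        cmds = re.sub(r"^(?:[A-Z_]+:\s*)+", "", m["cmds"]).strip()
        findings.append({
            "who": m["who"],
            "runas_users": runas_users,
            "unrestricted": cmds == "ALL" and "ALL" in runas_users,
            "runas_all_with_exclusion": "ALL" in runas_users
                and any(u.startswith("!") for u in runas_users),
        })
    return findings

if __name__ == "__main__":
    for finding in audit_sudoers(SAMPLE_SUDOERS):
        print(finding)
```

On the posted file only the root, %admin and %sudo rules appear, all unrestricted and none with an exclusion in the Runas list. Use `sudo -l` or `visudo -c` for authoritative results, since this sketch does not expand aliases or files under /etc/sudoers.d.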