SUSE-SU-2013:1594-1: moderate: Security update for sudo

sle-security-updates at lists.suse.com
Mon Oct 28 09:04:10 MDT 2013


   SUSE Security Update: Security update for sudo
______________________________________________________________________________

Announcement ID:    SUSE-SU-2013:1594-1
Rating:             moderate
References:         #760697 #806919 #806921 #817349 #817350 
Cross-References:   CVE-2013-1775 CVE-2013-1776 CVE-2013-2776
                    CVE-2013-2777
Affected Products:
                    SUSE Linux Enterprise Server 11 SP1 for VMware LTSS
                    SUSE Linux Enterprise Server 11 SP1 LTSS
______________________________________________________________________________

   An update that solves four vulnerabilities and has one
   erratum is now available. It includes one version update.

Description:


   This LTSS rollup update fixes the following security issues,
   which allowed local users to bypass sudo authentication:

   * CVE-2013-1775: sudo allowed local users or
     physically-proximate attackers to bypass intended time
     restrictions and retain privileges without
     re-authenticating by setting the system clock and the sudo
     user timestamp to the epoch.

   * CVE-2013-1776: sudo, when the tty_tickets option is
     enabled, did not properly validate the controlling terminal
     device, which allowed local users with sudo permissions to
     hijack the authorization of another terminal via vectors
     related to connecting to the standard input, output, and
     error file descriptors of another terminal.

   * CVE-2013-2776: sudo, when running on systems without
     /proc or the sysctl function with the tty_tickets option
     enabled, did not properly validate the controlling terminal
     device, which allowed local users with sudo permissions to
     hijack the authorization of another terminal via vectors
     related to connecting to the standard input, output, and
     error file descriptors of another terminal.

   * CVE-2013-2777: sudo, when the tty_tickets option is
     enabled, did not properly validate the controlling terminal
     device, which allowed local users with sudo permissions to
     hijack the authorization of another terminal via vectors
     related to a session without a controlling terminal device
     and connecting to the standard input, output, and error
     file descriptors of another terminal.

   A non-security bug was also fixed:

   * set global ldap option before ldap init (bnc#760697)

   Security Issue references:

   * CVE-2013-1775 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1775>
   * CVE-2013-1776 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1776>
   * CVE-2013-2776 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2776>
   * CVE-2013-2777 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2777>


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 11 SP1 for VMware LTSS:

      zypper in -t patch slessp1-sudo-8428

   - SUSE Linux Enterprise Server 11 SP1 LTSS:

      zypper in -t patch slessp1-sudo-8428

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Server 11 SP1 for VMware LTSS (i586 x86_64) [New Version: 1.7.6p2]:

      sudo-1.7.6p2-0.2.12.5

   - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64) [New Version: 1.7.6p2]:

      sudo-1.7.6p2-0.2.12.5
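   To confirm that a host really carries the fixed build, the following
   added example (not SUSE's code) compares the name-version-release
   reported by `rpm -q sudo` against the package list above, using a
   simplified reimplementation of rpm's segment-wise version comparison;
   the package epoch and the '~'/'^' separators are assumed not to matter
   for these versions.

```python
import re
import subprocess

# Fixed version/release taken from the advisory's package list.
FIXED = {"sudo": ("1.7.6p2", "0.2.12.5")}

_SEG = re.compile(r"\d+|[a-zA-Z]+")


def rpmvercmp(a: str, b: str) -> int:
    """Compare two version or release strings the way rpm does:
    split into numeric/alpha segments, numeric beats alpha, and a
    string with more segments is newer (simplified: no '~' or '^')."""
    sa, sb = _SEG.findall(a), _SEG.findall(b)
    for x, y in zip(sa, sb):
        xnum, ynum = x.isdigit(), y.isdigit()
        if xnum != ynum:
            return 1 if xnum else -1
        if xnum:
            x, y = int(x), int(y)
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))


def parse_nvr(nvr: str):
    """Split 'sudo-1.7.6p2-0.2.12.5' into (name, version, release)."""
    name, version, release = nvr.rsplit("-", 2)
    return name, version, release


def is_patched(installed_nvr: str) -> bool:
    """True if the installed package is at or above the advisory's fix."""
    name, ver, rel = parse_nvr(installed_nvr)
    fixed_ver, fixed_rel = FIXED[name]
    c = rpmvercmp(ver, fixed_ver)
    if c == 0:
        c = rpmvercmp(rel, fixed_rel)
    return c >= 0


if __name__ == "__main__":
    # Query the live host; only meaningful on an RPM-based system.
    try:
        out = subprocess.check_output(["rpm", "-q", "sudo"], text=True)
        nvr = out.strip().rsplit(".", 1)[0]  # drop the ".arch" suffix
        print(nvr, "patched" if is_patched(nvr) else "VULNERABLE")
    except (FileNotFoundError, subprocess.CalledProcessError) as exc:
        print("rpm query failed:", exc)
```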


References:

   http://support.novell.com/security/cve/CVE-2013-1775.html
   http://support.novell.com/security/cve/CVE-2013-1776.html
   http://support.novell.com/security/cve/CVE-2013-2776.html
   http://support.novell.com/security/cve/CVE-2013-2777.html
   https://bugzilla.novell.com/760697
   https://bugzilla.novell.com/806919
   https://bugzilla.novell.com/806921
   https://bugzilla.novell.com/817349
   https://bugzilla.novell.com/817350
   http://download.novell.com/patch/finder/?keywords=66b1eced1248cd2a904f88f64ac445fc


