SUSE-SU-2013:1595-1: moderate: Security update for sudo
sle-updates at lists.suse.com
Mon Oct 28 09:04:14 MDT 2013
SUSE Security Update: Security update for sudo
______________________________________________________________________________
Announcement ID: SUSE-SU-2013:1595-1
Rating: moderate
References: #724490 #806919 #806921 #817349 #817350
Cross-References: CVE-2013-1775 CVE-2013-1776 CVE-2013-2776 CVE-2013-2777
Affected Products:
SUSE Linux Enterprise Server 10 SP3 LTSS
______________________________________________________________________________
An update that solves four vulnerabilities and has one erratum is now available.
Description:
This LTSS rollup update fixes the following security issues, each of which allowed sudo's authentication to be bypassed:
* CVE-2013-1775: sudo allowed local users or physically-proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and the sudo user timestamp to the epoch.
* CVE-2013-1776: sudo, when the tty_tickets option is enabled, did not properly validate the controlling terminal device, which allowed local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal.
* CVE-2013-2776: sudo, when running on systems without /proc or the sysctl function and with the tty_tickets option enabled, did not properly validate the controlling terminal device, which allowed local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal.
* CVE-2013-2777: sudo, when the tty_tickets option is enabled, did not properly validate the controlling terminal device, which allowed local users with sudo permissions to hijack the authorization of another terminal via vectors related to a session without a controlling terminal device and connecting to the standard input, output, and error file descriptors of another terminal.
A non-security bug was also fixed:
* escape the string passed to the LDAP search (bnc#724490)
Security Issue references:
* CVE-2013-1775 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1775>
* CVE-2013-1776 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1776>
* CVE-2013-2776 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2776>
* CVE-2013-2777 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2777>
Package List:
- SUSE Linux Enterprise Server 10 SP3 LTSS (i586 s390x x86_64):
sudo-1.6.8p12-18.21.8
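To verify that a SLES 10 SP3 LTSS host carries at least the fixed build listed above, the following added example (not part of SUSE's advisory or of rpm itself) implements an rpmvercmp-style version-release comparison; it assumes the `rpm -q sudo` output line has the form `sudo-VERSION-RELEASE` and omits rpm's newer `~`/`^` handling, which these version strings do not use.

```python
import re
from typing import List, Tuple

# Fixed package from the advisory's Package List (SLES 10 SP3 LTSS).
FIXED_SUDO = "1.6.8p12-18.21.8"


def _segments(s: str) -> List[str]:
    """Split into runs of digits or letters; separators are ignored, as in rpmvercmp."""
    return re.findall(r"\d+|[A-Za-z]+", s)


def rpmvercmp(a: str, b: str) -> int:
    """Compare two version (or release) strings the way rpm does: -1, 0 or 1.
    Simplified (assumption): no '~' or '^' handling, not needed for these strings."""
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        xd, yd = x.isdigit(), y.isdigit()
        if xd and yd:
            if int(x) != int(y):          # numeric compare, so 10 > 8
                return 1 if int(x) > int(y) else -1
        elif xd != yd:
            return 1 if xd else -1        # a numeric segment beats an alphabetic one
        elif x != y:
            return 1 if x > y else -1
    if len(sa) == len(sb):
        return 0
    return 1 if len(sa) > len(sb) else -1  # leftover segments win (1.6.8p12 > 1.6.8)


def split_vr(pkg: str) -> Tuple[str, str]:
    """Split 'VERSION-RELEASE' at the last '-' (this package has no epoch)."""
    version, _, release = pkg.rpartition("-")
    return version, release


def compare_vr(installed: str, fixed: str) -> int:
    """Compare version first, then release, like rpm's EVR ordering."""
    iv, ir = split_vr(installed)
    fv, fr = split_vr(fixed)
    c = rpmvercmp(iv, fv)
    return c if c != 0 else rpmvercmp(ir, fr)


def sudo_is_fixed(installed: str, fixed: str = FIXED_SUDO) -> bool:
    """True when the installed VERSION-RELEASE is at or above the advisory's fixed build."""
    return compare_vr(installed, fixed) >= 0


def installed_version_from_rpm(line: str) -> str:
    """Strip the package name from an `rpm -q sudo` line such as 'sudo-1.6.8p12-18.21.7'."""
    m = re.match(r"^sudo-(.+)$", line.strip())
    if not m:
        raise ValueError("unexpected rpm -q output: %r" % line)
    return m.group(1)
```

On a live host, feed the single line printed by `rpm -q sudo` to `installed_version_from_rpm` and pass the result to `sudo_is_fixed`; a plain string comparison would wrongly rank a later release such as 18.21.10 below 18.21.8.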
References:
http://support.novell.com/security/cve/CVE-2013-1775.html
http://support.novell.com/security/cve/CVE-2013-1776.html
http://support.novell.com/security/cve/CVE-2013-2776.html
http://support.novell.com/security/cve/CVE-2013-2777.html
https://bugzilla.novell.com/724490
https://bugzilla.novell.com/806919
https://bugzilla.novell.com/806921
https://bugzilla.novell.com/817349
https://bugzilla.novell.com/817350
http://download.novell.com/patch/finder/?keywords=15848b3b7ae158210dabd736b67fa800