* [gentoo-dev] [SECURITY] [GENTOO] New sudo version to fix local root vulnerability
@ 2002-01-17 12:16 M0rpheus
From: M0rpheus @ 2002-01-17 12:16 UTC
To: gentoo-user, gentoo-dev
- --------------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT
- --------------------------------------------------------------------------
PACKAGE : sudo
SUMMARY : Local vulnerability allows an attacker to obtain root privileges
DATE    : 2002-01-17 11:58:00
- --------------------------------------------------------------------------
OVERVIEW
There is a vulnerability in sudo which can allow an attacker to trick
sudo into running the system MTA with root privileges and an unclean
environment, possibly leading to a root compromise.
DETAIL
Sebastian Krahmer of the SuSE Security Team found a bug in sudo which
can allow an attacker to send a failed-invocation email with root
privileges and an unclean environment. Using the Postfix MTA, an
attacker can potentially gain a root shell. No other MTA is known to be
exploitable at this time.
We would like to reiterate that the bug is in sudo, not Postfix, which is
simply being used as a vehicle in this instance.
This bug is fixed by having sudo run the MTA with user privileges
instead of with root privileges.
SOLUTION
It is recommended that all sudo users apply the update.
Portage Auto:
emerge rsync
emerge update
emerge update --world
Portage by hand:
emerge rsync
emerge app-admin/sudo
Manually:
Download the new sudo package here and follow the instructions in the file:
ftp://ftp.cs.colorado.edu/pub/sudo/sudo-1.6.5.tar.gz
- --------------------------------------------------------------------------
Ferry Meyndert
m0rpheus@poseidon.mine.nu
- --------------------------------------------------------------------------
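
An added example, not part of the advisory and not sudo's source: one way a privileged program can launch a helper such as the MTA with the invoking user's privileges, as the fix described above does. It goes slightly beyond the stated fix by also passing only an allowlisted environment; `filter_env`, `drop_privs`, `run_helper`, the allowlist and the `/bin/true` stand-in are hypothetical choices for illustration.

```c
/* Added example (not sudo's code); names and the allowlist are assumptions. */
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE   /* for setgroups() on glibc */
#endif
#include <grp.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Copy only allowlisted variables from in[] to out[]; returns the count. */
size_t filter_env(char *const in[], char *out[], size_t cap) {
    static const char *const allow[] = { "TZ=", "LANG=" };
    size_t n = 0;
    for (size_t i = 0; in[i] != NULL; i++)
        for (size_t a = 0; a < sizeof allow / sizeof allow[0]; a++)
            if (n + 1 < cap && strncmp(in[i], allow[a], strlen(allow[a])) == 0)
                out[n++] = in[i];
    out[n] = NULL;
    return n;
}

/* Permanently drop to uid/gid: supplementary groups, then gid, then uid. */
int drop_privs(uid_t uid, gid_t gid) {
    if (setgroups(1, &gid) != 0 || setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    if (uid != 0 && setuid(0) == 0)   /* regaining root must fail */
        return -1;
    return 0;
}

/* Fork, drop privileges in the child, exec with the filtered environment.
 * Returns the wait status, or -1 if fork or wait failed. */
int run_helper(const char *path, char *const argv[], char *const envp[],
               uid_t uid, gid_t gid) {
    char *clean[16];
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        size_t n = filter_env(envp, clean, 15);
        clean[n] = "PATH=/usr/bin:/bin";           /* fixed, not inherited */
        clean[n + 1] = NULL;
        if (drop_privs(uid, gid) != 0) _exit(126); /* fail closed: no exec */
        execve(path, argv, clean);
        _exit(127);
    }
    int status;
    return waitpid(pid, &status, 0) < 0 ? -1 : status;
}

int main(void) {
    extern char **environ;
    char *argv[] = { "true", NULL };               /* stand-in for the mailer */
    return run_helper("/bin/true", argv, environ, getuid(), getgid()) == -1;
}
```

The child exits with 126 rather than executing the helper whenever the privilege drop cannot be completed, which is the case when the caller is not root.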