diff options
| author | wxs <wxs@FreeBSD.org> | 2012-01-31 00:36:42 +0800 |
|---|---|---|
| committer | wxs <wxs@FreeBSD.org> | 2012-01-31 00:36:42 +0800 |
| commit | a1e675e506d14450a94f74c55e0e3d780d9885d1 (patch) | |
| tree | c6c4cbe6591384fe753be5d2a6bb06183c4d927d /security/vuxml | |
| parent | 89314e1212c387dcb5bccfd2ddd31565c543a86f (diff) | |
| download | freebsd-ports-gnome-a1e675e506d14450a94f74c55e0e3d780d9885d1.tar.gz freebsd-ports-gnome-a1e675e506d14450a94f74c55e0e3d780d9885d1.tar.zst freebsd-ports-gnome-a1e675e506d14450a94f74c55e0e3d780d9885d1.zip | |
Document sudo format string vulnerability.
Diffstat (limited to 'security/vuxml')
| -rw-r--r-- | security/vuxml/vuln.xml | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 681dde48db8f..1d0f33cd50a0 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -47,6 +47,44 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="7c920bb7-4b5f-11e1-9f47-00e0815b8da8"> + <topic>sudo -- format string vulnerability</topic> + <affects> + <package> + <name>sudo</name> + <range><lt>1.8.3_2</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Todd Miller reports:</p> + <blockquote cite="http://www.gratisoft.us/sudo/alerts/sudo_debug.html"> + <p>Sudo 1.8.0 introduced simple debugging support that was primarily + intended for use when developing policy or I/O logging plugins. + The sudo_debug() function contains a flaw where the program name + is used as part of the format string passed to the fprintf() + function. The program name can be controlled by the caller, + either via a symbolic link or, on some systems, by setting argv[0] + when executing sudo.</p> + <p>Using standard format string vulnerability exploitation techniques + it is possible to leverage this bug to achieve root privileges.</p> + <p>Exploitation of the bug does not require that the attacker be + listed in the sudoers file. As such, we strongly suggest that + affected sites upgrade from affected sudo versions as soon as + possible.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2012-0809</cvename> + <url>http://www.gratisoft.us/sudo/alerts/sudo_debug.html</url> + </references> + <dates> + <discovery>2012-01-30</discovery> + <entry>2012-01-30</entry> + </dates> + </vuln> + <vuln vid="e51d5b1a-4638-11e1-9f47-00e0815b8da8"> <topic>FreeBSD -- pam_ssh() does not validate service names</topic> <affects> |