You are here

U-230: Sudo on Red Hat Enterprise Linux %postun Symlink Flaw Lets Local Users Gain Elevated Privileges

August 8, 2012 - 7:00am

Addthis

PROBLEM:

Sudo on Red Hat Enterprise Linux %postun Symlink Flaw Lets Local Users Gain Elevated Privileges

PLATFORM:

Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)

ABSTRACT:

An updated sudo package that fixes one security issue and several bugs is now available for Red Hat Enterprise Linux 5.

reference LINKS:

Advisory: RHSA-2012:1149-1
SecurityTracker Alert ID: 1027356
Sudo Main Page
Bugzilla 844442
CVE-2012-3440

IMPACT ASSESSMENT:

Medium

Discussion:

A local user can exploit a temporary file symbolic link flaw in the %postun script to overwrite arbitrary files or modify the contents of the "/etc/nsswitch.conf" file when the sudo package is upgraded or removed. This can be exploited to gain elevated privileges on the target system.

Impact:

A vulnerability was reported in Sudo on Red Hat Enterprise Linux. A local user can obtain elevated privileges on the target system.

Solution:

The vendor has issued a fix. Updates from the Red Hat Network

Addthis