exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Ubuntu Security Notice 235-2

Ubuntu Security Notice 235-2
Posted Jan 10, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-235-2 - USN-235-1 fixed a vulnerability in sudo's handling of environment variables. Tavis Ormandy noticed that sudo did not filter out the PYTHONINSPECT environment variable, so that users with the limited privilege of calling a python script with sudo could still escalate their privileges.

tags | advisory, python
systems | linux, ubuntu
advisories | CVE-2005-4158
SHA-256 | 9364621ca1386d4eb6039a9c6fc2ed92b24f6445ebcca81ce0c878381741b487

Ubuntu Security Notice 235-2

Change Mirror Download
===========================================================
Ubuntu Security Notice USN-235-2 January 09, 2006
sudo vulnerability
CVE-2005-4158
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)
Ubuntu 5.10 (Breezy Badger)

The following packages are affected:

sudo

The problem can be corrected by upgrading the affected package to
version 1.6.7p5-1ubuntu4.5 (for Ubuntu 4.10), 1.6.8p5-1ubuntu2.4 (for
Ubuntu 5.04), or 1.6.8p9-2ubuntu2.3 (for Ubuntu 5.10). In general, a
standard system upgrade is sufficient to effect the necessary changes.

Details follow:

USN-235-1 fixed a vulnerability in sudo's handling of environment
variables. Tavis Ormandy noticed that sudo did not filter out the
PYTHONINSPECT environment variable, so that users with the limited
privilege of calling a python script with sudo could still escalate
their privileges.

For reference, this is the original advisory:

Charles Morris discovered a privilege escalation vulnerability in
sudo. On executing Perl scripts with sudo, various environment
variables that affect Perl's library search path were not cleaned
properly. If sudo is set up to grant limited sudo execution of Perl
scripts to normal users, this could be exploited to run arbitrary
commands as the target user.

This security update also filters out environment variables that can
be exploited similarly with Python, Ruby, and zsh scripts.

Please note that this does not affect the default Ubuntu
installation,
or any setup that just grants full root privileges to certain users.


Updated packages for Ubuntu 4.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.7p5-1ubuntu4.5.diff.gz
Size/MD5: 28087 c4c49fb56eaf07d8d8312e1563de869a
http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.7p5-1ubuntu4.5.dsc
Size/MD5: 585 0dfe580569af7a6f75aeb51462d26ca6
http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.7p5.orig.tar.gz
Size/MD5: 349785 55d503e5c35bf1ea83d38244e0242aaf

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.7p5-1ubuntu4.5_amd64.deb
Size/MD5: 156652 4753cf309a44e54bf6138e9079f2ab30

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.7p5-1ubuntu4.5_i386.deb
Size/MD5: 146076 2bc7039c20afd55c7c582edf41fda32c

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.7p5-1ubuntu4.5_powerpc.deb
Size/MD5: 153628 9d11cfcfa5032bfb13e5c3e191617cdf

Updated packages for Ubuntu 5.04:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.8p5-1ubuntu2.4.diff.gz
Size/MD5: 31718 cc1670e4bf8f650c084e18d55e190c3c
http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.8p5-1ubuntu2.4.dsc
Size/MD5: 585 141818c0d2b26303249d6d52c26ce30e
http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.8p5.orig.tar.gz
Size/MD5: 584832 03538d938b8593d6f1d66ec6c067b5b5

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.8p5-1ubuntu2.4_amd64.deb
Size/MD5: 170814 caeb3203cb545fbe24c1a7aa96bc6458

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.8p5-1ubuntu2.4_i386.deb
Size/MD5: 159028 f4eabdef51f7cfc9a113ced11357fcfa

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.8p5-1ubuntu2.4_powerpc.deb
Size/MD5: 165906 6fc233ccadceec79b1549d5edc387f3e

Updated packages for Ubuntu 5.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.8p9-2ubuntu2.3.diff.gz
Size/MD5: 28883 2dc82337e89f8b2ec2298e31013d041c
http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.8p9-2ubuntu2.3.dsc
Size/MD5: 585 03cdee65604b21bb9c0a1a1d8a530d36
http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.8p9.orig.tar.gz
Size/MD5: 585509 6d0346abd16914956bc7ea4f17fc85fb

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.8p9-2ubuntu2.3_amd64.deb
Size/MD5: 172726 350f0454c379778fec471c47107428ab

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.8p9-2ubuntu2.3_i386.deb
Size/MD5: 159132 127092a5fc0522ed272df38216d31acc

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.8p9-2ubuntu2.3_powerpc.deb
Size/MD5: 167288 e049b18ebc0b282e513a3e20427ef4be
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close