Sudo Input Validation Flaw in Perl-related Environment Variables Lets Certain Local Users Execute Arbitrary Perl Code
|
|
SecurityTracker Alert ID: 1015192 |
|
SecurityTracker URL: http://securitytracker.com/id/1015192
|
|
CVE Reference:
GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Nov 11 2005
|
Impact:
Execution of arbitrary code via local system, User access via local system
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): prior to 1.6.8p12
|
Description:
A vulnerability was reported in Sudo. A local user with permission to run a perl script can execute arbitrary perl code.
Sudo does not properly validate the PERL5LIB, PERLLIB, and PERL5OPT environment variables. A local user with sudo permissions to run a perl script (without the tainting option) can set these variables to execute an arbitrary file with a name that is identical to the name of a system library included by the perl script.
Charles Morris discovered this vulnerability.
|
Impact:
A local user with permissions to run a perl script can execute arbitrary perl code on the target system.
|
Solution:
The vendor has issued a fixed version (1.6.8p12), available at:
http://www.sudo.ws/sudo/download.html
|
Vendor URL: www.sudo.ws/sudo/alerts/perl_env.html (Links to External Site)
|
Cause:
Input validation error
|
Underlying OS:
Linux (Any), UNIX (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Fri, 11 Nov 2005 01:38:01 -0500
Subject: Perl scripts run via Sudo can be subverted
|
http://www.sudo.ws/sudo/alerts/perl_env.html
|
|
