The Vigil@nce team watches vulnerabilities impacting your computers, and then offers solutions, a database and tools to correct them.
vulnerability bulletin CVE-2012-0809
sudo: format string attack
Synthesis of the vulnerability
A local attacker can exploit a format string vulnerability in sudo to gain root privileges.
Severity: 2/4.
Creation date: 30/01/2012.
Impacted products
Description of the vulnerability
The sudo program is installed suid root.
The "-D" option of sudo runs it in debug mode. In this case, the sudo_debug() function is called to display messages. These messages have, for example, the following form:
program_name(sudo): message
The program name is taken from argv[0] and is then used as part of a format string passed to vfprintf(). However, special characters such as '%' are not filtered.
A local attacker can therefore use a format string attack on sudo to gain root privileges.
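The bug class described above, next to its corrected form, as an added illustration (this is not sudo's source code). The function names, buffer sizes and the sample program name are assumptions; the sample name contains only the harmless `%%` escape, which is enough to show that the name is parsed as a format string in one version and treated as data in the other.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Vulnerable pattern: the caller-controlled program name is pasted into the
 * format string, so any '%' in it is parsed as a conversion by vsnprintf(). */
int debug_msg_vulnerable(char *out, size_t outlen, const char *progname,
                         const char *fmt, ...)
{
    char fmt2[256];
    va_list ap;
    int n;

    snprintf(fmt2, sizeof(fmt2), "%s: %s\n", progname, fmt);
    va_start(ap, fmt);
    n = vsnprintf(out, outlen, fmt2, ap);
    va_end(ap);
    return n;
}

/* Hardened pattern: only the constant fmt supplied by the program is parsed;
 * the program name is passed as data to a fixed "%s". */
int debug_msg_safe(char *out, size_t outlen, const char *progname,
                   const char *fmt, ...)
{
    char msg[256];
    va_list ap;

    va_start(ap, fmt);
    vsnprintf(msg, sizeof(msg), fmt, ap);
    va_end(ap);
    return snprintf(out, outlen, "%s: %s\n", progname, msg);
}

int main(void)
{
    /* Constructed sample: a program name holding the "%%" escape. */
    const char *name = "su%%do";
    char a[128], b[128];

    debug_msg_vulnerable(a, sizeof(a), name, "settings: %s=%s", "debug", "1");
    debug_msg_safe(b, sizeof(b), name, "settings: %s=%s", "debug", "1");
    printf("vulnerable: %s", a);   /* name was interpreted as a format */
    printf("safe:       %s", b);   /* name was printed verbatim */
    return strcmp(a, b) != 0 ? 0 : 1;
}
```

Compiling with `-Wformat -Wformat-security` helps catch the simplest variants of this mistake, but a format string assembled at run time as in the first function still needs review by hand.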
Characteristics
Title: sudo: format string attack.
Keywords: attack format program_name string sudo sudo_debug.
Identifiers: CVE-2012-0809, FEDORA-2012-1028, VIGILANCE-VUL-11328.
Information sources
Solutions for this vulnerability
Supplements