CVE-2009-0034 - parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret a system group (aka %group) in

CVE-2009-0034

Summary

parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command.

References

Vulnerable Configurations

cpe:2.3:a:gratisoft:sudo:1.6.9:p17:*:*:*:*:*:*
cpe:2.3:a:gratisoft:sudo:1.6.9:p17:*:*:*:*:*:*
cpe:2.3:a:gratisoft:sudo:1.6.9:p18:*:*:*:*:*:*
cpe:2.3:a:gratisoft:sudo:1.6.9:p18:*:*:*:*:*:*
cpe:2.3:a:gratisoft:sudo:1.6.9:p19:*:*:*:*:*:*
cpe:2.3:a:gratisoft:sudo:1.6.9:p19:*:*:*:*:*:*
cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*

CVSS

Base:	6.9 (as of 12-01-2024 - 20:40)
Impact:
Exploitability:

CWE

CWE-863

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:M/Au:N/C:C/I:C/A:C

oval via4

accepted

2013-04-29T04:09:24.797-04:00

class

vulnerability

contributors

name Aharon Chernin
organization SCAP.com, LLC
name Dragos Prisaca
organization G2, Inc.

definition_extensions

comment The operating system installed on the system is Red Hat Enterprise Linux 5
oval oval:org.mitre.oval:def:11414
comment The operating system installed on the system is CentOS Linux 5.x
oval oval:org.mitre.oval:def:15802
comment Oracle Linux 5.x
oval oval:org.mitre.oval:def:15459

description

family

unix

oval:org.mitre.oval:def:10856

status

accepted

submitted

2010-07-09T03:56:16-04:00

title

version

accepted

2014-01-20T04:01:26.413-05:00

class

vulnerability

contributors

name Michael Wood
organization Hewlett-Packard
name Michael Wood
organization Hewlett-Packard
name J. Daniel Brown
organization DTCC
name Chris Coffin
organization The MITRE Corporation

definition_extensions

comment	VMware ESX Server 4.0 is installed
oval	oval:org.mitre.oval:def:6293

description

family

unix

oval:org.mitre.oval:def:6462

status

accepted

submitted

2009-09-22T15:10:44.000-05:00

title

Sudo Supplemental Group Privilege Error Lets Certain Local Users Gain Elevated Privileges

version

redhat via4

advisories

bugzilla

id	481720
title	CVE-2009-0034 sudo: incorrect handling of groups in Runas_User

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 5 is installed
oval oval:com.redhat.rhba:tst:20070331005
comment sudo is earlier than 0:1.6.9p17-3.el5_3.1
oval oval:com.redhat.rhsa:tst:20090267001
comment sudo is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20090267002

rhsa

id	RHSA-2009:0267
released	2009-02-05
severity	Moderate
title	RHSA-2009:0267: sudo security update (Moderate)

rpms

sudo-0:1.6.9p17-3.el5_3.1
sudo-debuginfo-0:1.6.9p17-3.el5_3.1

refmap via4

bid	33517
bugtraq	20090129 rPSA-2009-0021-1 sudo 20090711 VMSA-2009-0009 ESX Service Console updates for udev, sudo, and curl
confirm	http://wiki.rpath.com/Advisories:rPSA-2009-0021 http://www.gratisoft.us/bugzilla/show_bug.cgi?id=327 http://www.sudo.ws/cgi-bin/cvsweb/sudo/parse.c.diff?r1=1.160.2.21&r2=1.160.2.22&f=h http://www.vmware.com/security/advisories/VMSA-2009-0009.html https://bugzilla.novell.com/show_bug.cgi?id=468923 https://issues.rpath.com/browse/RPL-2954
mandriva	MDVSA-2009:033
mlist	[Security-announce] 20090710 VMSA-2009-0009 ESX Service Console updates for udev, sudo, and curl
osvdb	51736
sectrack	1021688
secunia	33753 33840 33885 35766
vupen	ADV-2009-1865

Last major update

12-01-2024 - 20:40

Published

30-01-2009 - 19:30

Last modified

12-01-2024 - 20:40