USN-1442-1: Sudo vulnerability

Releases

• Ubuntu 12.04
• Ubuntu 11.10
• Ubuntu 11.04
• Ubuntu 10.04
• Ubuntu 8.04

Packages

• sudo - Provide limited super user privileges to specific users

Details

It was discovered that sudo incorrectly handled network masks when using Host
and Host_List. A local user who is listed in sudoers may be allowed to run
commands on unintended hosts when IPv4 network masks are used to grant access.
A local attacker could exploit this to bypass intended access restrictions. Host
and Host_List are not used in the default installation of Ubuntu.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 8.04

• sudo-ldap - 1.6.9p10-1ubuntu3.9
• sudo - 1.6.9p10-1ubuntu3.9

Ubuntu 12.04

• sudo-ldap - 1.8.3p1-1ubuntu3.2
• sudo - 1.8.3p1-1ubuntu3.2

Ubuntu 11.10

• sudo-ldap - 1.7.4p6-1ubuntu2.1
• sudo - 1.7.4p6-1ubuntu2.1

Ubuntu 11.04

• sudo-ldap - 1.7.4p4-5ubuntu7.2
• sudo - 1.7.4p4-5ubuntu7.2

Ubuntu 10.04

• sudo-ldap - 1.7.2p1-1ubuntu5.4
• sudo - 1.7.2p1-1ubuntu5.4

In general, a standard system update will make all the necessary changes.

References

• CVE-2012-2337