
Trending CVEs for the Week of October 14th, 2019

CVE-2019-14287 – Linux Sudo Vulnerability

Description

A flaw was found in the way sudo implemented running commands with an arbitrary user ID. If a sudoers entry is written to allow the attacker to run a command as any user except root, this flaw can be used by the attacker to bypass that restriction.

Affected Platforms

  • Red Hat Enterprise Linux 6
  • Red Hat Enterprise Linux 7
  • Red Hat Enterprise Linux 8

Mitigation

This vulnerability only affects configurations of sudo that have a runas user list that includes an exclusion of root. The simplest example is:

someuser ALL=(ALL, !root) /usr/bin/somecommand

The exclusion is specified using an exclamation mark (!). In this example, the “root” user is specified by name. The root user may also be identified in other ways, such as by user id:

someuser ALL=(ALL, !#0) /usr/bin/somecommand

or by reference to a runas alias:

Runas_Alias MYGROUP = root, adminuser
someuser ALL=(ALL, !MYGROUP) /usr/bin/somecommand

To ensure your sudoers configuration is not affected by this vulnerability, we recommend examining each sudoers entry that includes the `!` character in the runas specification, to ensure that the root user is not among the exclusions. These can be found in the /etc/sudoers file or files under /etc/sudoers.d.
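
One way to automate that review, as an added example (not code from the original post or from Red Hat): a small Python parser that flags entries whose runas user list excludes root by name, by `#0`, or through a Runas_Alias. The function names and the sample entries are constructed for illustration, and the parser does not follow include directives, so feed it the contents of /etc/sudoers and each file under /etc/sudoers.d together.

```python
import re

ROOT_NAMES = {"root", "#0"}  # the two spellings of root shown in the text above

def logical_lines(text):
    """Join backslash continuations; drop comments ('#' not followed by a digit)."""
    for line in text.replace("\\\n", " ").splitlines():
        line = re.sub(r"#(?!\d).*", "", line).strip()
        if line:
            yield line

def root_aliases(lines):
    """Runas_Alias names that contain root directly or through another alias."""
    aliases = {}
    for line in lines:
        m = re.match(r"Runas_Alias\s+(.*)", line)
        if m:
            for part in m.group(1).split(":"):  # ':' separates alias definitions
                name, _, members = part.partition("=")
                aliases[name.strip()] = {x.strip() for x in members.split(",")}
    hits = set()
    for _ in aliases:  # one pass per alias is enough to resolve nesting
        hits |= {n for n, mem in aliases.items() if mem & (ROOT_NAMES | hits)}
    return hits

def risky_entries(text):
    """Return entries whose runas user list excludes root (!root, !#0, !ALIAS)."""
    lines = list(logical_lines(text))
    excluded = {"!" + n for n in ROOT_NAMES | root_aliases(lines)}
    found = []
    for line in lines:
        if re.match(r"\w+_Alias\b|Defaults", line):
            continue  # alias definitions and Defaults are not user entries
        for runas in re.findall(r"\(([^)]*)\)", line):
            users = runas.split(":")[0]  # user list comes before any ':group'
            if {t.replace(" ", "") for t in users.split(",")} & excluded:
                found.append(line)
                break
    return found

# Constructed sample input, not taken from a real host.
SAMPLE = """Runas_Alias MYGROUP = root, adminuser
alice ALL=(ALL, !root) /usr/bin/somecommand
bob ALL=(ALL, !#0) /usr/bin/somecommand
carol ALL=(ALL, !MYGROUP) /usr/bin/somecommand
dave ALL=(ALL, !adminuser) /usr/bin/somecommand
"""

if __name__ == "__main__":
    print("\n".join(risky_entries(SAMPLE)))
```
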

References

Red Hat Customer Portal
