Linux Archive


RB 01-31-2012 02:12 PM

New sudo format string vuln
 
Not sure how much testing anyone else has done (and it warrants more
testing), but I just tested this on a rather out-of-date machine
running hardened-sources-3.0.4 and sudo-1.8.2-r1. I had brute-force
prevention enabled, and not only was the vulnerability not successful,
I was locked out from all execution under my UID for 15 minutes -
couldn't even su over from root. Definite win for hardened!

Javier Juan Martínez Cabezón 01-31-2012 02:19 PM

New sudo format string vuln
 
Systems compiled with -D_FORTIFY_SOURCE=2 are not vulnerable. If I'm not wrong it's a format string vulnerability.

2012/1/31 RB <aoz.syn@gmail.com>

> Not sure how much testing anyone else has done (and it warrants more
> testing), but I just tested this on a rather out-of-date machine
> running hardened-sources-3.0.4 and sudo-1.8.2-r1. I had brute-force
> prevention enabled, and not only was the vulnerability not successful,
> I was locked out from all execution under my UID for 15 minutes -
> couldn't even su over from root. Definite win for hardened!

Agostino Sarubbo 01-31-2012 04:29 PM

New sudo format string vuln
 
On Tuesday 31 January 2012 16:19:53 Javier Juan Martínez Cabezón wrote:
> Systems compiled with -D_FORTIFY_SOURCE=2 are not vulnerable. If I'm not
> wrong it's a format string vulnerability.

Not very sure about it. From the original advisory:

The above example shows the result of FORTIFY_SOURCE which makes exploitation
painful but not impossible (see [0]). Without FORTIFY_SOURCE the exploit is
straightforward.

--
Agostino Sarubbo ago -at- gentoo.org
Gentoo/AMD64 Arch Security Liaison
GPG: 0x7CD2DC5D
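
One way to check whether a particular binary imports the fortified printf-family calls that -D_FORTIFY_SOURCE=2 produces with glibc, as an added example that is not part of the original thread. The function name `fortify_status`, the sudo path in the comment and the sample symbol lines are assumptions constructed for illustration; the verdict is a heuristic on imported symbol names only.

```shell
#!/bin/sh
# Added example: classify printf-family imports from `readelf -W --dyn-syms` output.
# Typical use (binary path is an assumption):
#   readelf -W --dyn-syms /usr/bin/sudo | fortify_status

fortify_status() {
    # Reads readelf symbol-table lines on stdin and prints one verdict word:
    #   fortified   - only checked __*printf_chk variants are imported
    #   mixed       - both checked and unchecked variants are imported
    #   unfortified - only plain printf-family functions are imported
    #   none        - no printf-family imports were seen
    awk '
        $4 == "FUNC" && $7 == "UND" {
            name = $8
            sub(/@.*/, "", name)        # drop the @GLIBC_x.y version tag
            if (name ~ /^__v?[fs]?n?printf_chk$/)  chk++
            else if (name ~ /^v?[fs]?n?printf$/)   plain++
        }
        END {
            if (chk && plain)  print "mixed"
            else if (chk)      print "fortified"
            else if (plain)    print "unfortified"
            else               print "none"
        }'
}

# Constructed sample lines in readelf's column layout (not from a real sudo build).
SAMPLE_FORTIFIED='     3: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND __vfprintf_chk@GLIBC_2.3.4 (3)
     4: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND __snprintf_chk@GLIBC_2.3.4 (3)
     5: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND getuid@GLIBC_2.2.5 (2)'

SAMPLE_PLAIN='     3: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND vfprintf@GLIBC_2.2.5 (2)
     4: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND snprintf@GLIBC_2.2.5 (2)
     5: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND getuid@GLIBC_2.2.5 (2)'

printf '%s\n' "$SAMPLE_FORTIFIED" | fortify_status
printf '%s\n' "$SAMPLE_PLAIN" | fortify_status
```

As the advisory excerpt quoted above says, a "fortified" result means exploitation is harder, not that the binary can stay unpatched.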

