Description
Security update for sudo
This update for sudo fixes the following issues:
- Fix two security vulnerabilities that allowed users to bypass sudo's NOEXEC functionality:
  - noexec bypass via system() and popen() [CVE-2016-7032, bsc#1007766]
  - noexec bypass via wordexp() [CVE-2016-7076, bsc#1007501]
- The SSSD plugin would occasionally crash sudo with an 'internal error'. This issue has been fixed. [bsc#948973]
- The SSSD plugin would occasionally apply @netgroups rules from LDAP to all users rather than the @netgroup. This issue is now fixed. [bsc#966755]
- When the SSSD plugin was used and a local user ran sudo, an e-mail used to be sent to the administrator because SSSD did not support sudo rules for local users. This message did not signify an error; it was only noise. [bsc#1008043]
Package list
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server for SAP Applications 11 SP4
References
- Link for SUSE-SU-2016:2891-1
- E-Mail link for SUSE-SU-2016:2891-1
- SUSE Security Ratings
- SUSE Bug 1007501
- SUSE Bug 1007766
- SUSE Bug 1008043
- SUSE Bug 948973
- SUSE Bug 966755
- SUSE CVE CVE-2016-7032 page
- SUSE CVE CVE-2016-7076 page
Description
sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the (1) system or (2) popen function.
Affected products
References
- CVE-2016-7032
- SUSE Bug 1007501
- SUSE Bug 1007766
- SUSE Bug 1011975
- SUSE Bug 1011976
Description
sudo before version 1.8.18p1 is vulnerable to a bypass of the sudo noexec restriction if an application run via sudo executes the wordexp() C library function with a user-supplied argument. A local user permitted to run such an application via sudo with the noexec restriction could possibly use this flaw to execute arbitrary commands with elevated privileges.
Affected products
References
- CVE-2016-7076
- SUSE Bug 1007501
- SUSE Bug 1011975
- SUSE Bug 1011976