CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
26.0%
Package : sudo
Version : 1.7.4p4-2.squeeze.6
CVE ID : CVE-2015-5602
Debian Bug : 804149
When sudo is configured to allow a user to edit files under a
directory that they can already write to without using sudo, they can
actually edit (read and write) arbitrary files. Daniel Svartman
reported that a configuration like this might be introduced
unintentionally if the editable files are specified using wildcards,
for example:
operator ALL=(root) sudoedit /home///test.txt
The default behaviour of sudo has been changed so that it does not
allow editing of a file in a directory that the user can write to, or
that is reached by following a symlink in a directory that the user
can write to. These restrictions can be disabled, but this is
strongly discouraged.
For the oldoldstable distribution (squeeze), this has been fixed in
version 1.7.4p4-2.squeeze.6.
For the oldstable distribution (wheezy) and the stable distribution
(jessie), this will be fixed soon.
–
Ben Hutchings - Debian developer, member of Linux kernel and LTS teams
Attachment:
signature.asc
Description: This is a digitally signed message part
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 6 | i386 | sudo-ldap | < 1.7.4p4-2.squeeze.6 | sudo-ldap_1.7.4p4-2.squeeze.6_i386.deb |
Debian | 6 | amd64 | sudo-ldap | < 1.7.4p4-2.squeeze.6 | sudo-ldap_1.7.4p4-2.squeeze.6_amd64.deb |
Debian | 6 | amd64 | sudo | < 1.7.4p4-2.squeeze.6 | sudo_1.7.4p4-2.squeeze.6_amd64.deb |
Debian | 6 | all | sudo | < 1.7.4p4-2.squeeze.6 | sudo_1.7.4p4-2.squeeze.6_all.deb |
Debian | 6 | i386 | sudo | < 1.7.4p4-2.squeeze.6 | sudo_1.7.4p4-2.squeeze.6_i386.deb |