Vulnerabilities > CVE-2001-0279
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 1 | |
OS | 3 |
Exploit-Db
description | Sudo 1.5/1.6 Heap Corruption Vulnerability. CVE-2001-0279. Local exploit for linux platform |
id | EDB-ID:20901 |
last seen | 2016-02-02 |
modified | 2001-02-22 |
published | 2001-02-22 |
reporter | MaXX |
source | https://www.exploit-db.com/download/20901/ |
title | Sudo 1.5/1.6 Heap Corruption Vulnerability |
Nessus
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-031.NASL description Todd Miller announced a new version of sudo which corrects a buffer overflow that could potentially be used to gain root privileges on the local system. The fix from sudo 1.6.3p6 is available in sudo 1.6.2p2-1potato1 for Debian 2.2 (potato). last seen 2020-06-01 modified 2020-06-02 plugin id 14868 published 2004-09-29 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/14868 title Debian DSA-031-2 : sudo - buffer overflow code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-031. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(14868); script_version("1.19"); script_cvs_date("Date: 2019/08/02 13:32:16"); script_cve_id("CVE-2001-0279"); script_bugtraq_id(2829); script_xref(name:"DSA", value:"031"); script_name(english:"Debian DSA-031-2 : sudo - buffer overflow"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Todd Miller announced a new version of sudo which corrects a buffer overflow that could potentially be used to gain root privileges on the local system. The fix from sudo 1.6.3p6 is available in sudo 1.6.2p2-1potato1 for Debian 2.2 (potato)." ); script_set_attribute( attribute:"see_also", value:"http://www.debian.org/security/2001/dsa-031" ); script_set_attribute(attribute:"solution", value:"Upgrade the affected sudo package."); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:sudo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:2.2"); script_set_attribute(attribute:"patch_publication_date", value:"2001/02/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2004/09/29"); script_set_attribute(attribute:"vuln_publication_date", value:"2001/02/22"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"2.2", prefix:"sudo", reference:"1.6.2p2-1potato1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2001-024.NASL description A buffer overflow exists in the sudo program which could be used by an attacker to obtain higher privileges. sudo is a program used to delegate superuser privileges to ordinary users and only for specific commands. Update : The sudo package for 7.1 used the system-auth facility of newer pam versions and thus would not install or work correctly under Linux- Mandrake 7.1. This update resolves the dependency issue as well as provides the correct pam configuration file. last seen 2020-06-01 modified 2020-06-02 plugin id 61898 published 2012-09-06 reporter This script is Copyright (C) 2012-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/61898 title Mandrake Linux Security Advisory : sudo (MDKSA-2001:024-1) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandrake Linux Security Advisory MDKSA-2001:024. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(61898); script_version("1.6"); script_cvs_date("Date: 2019/08/02 13:32:46"); script_cve_id("CVE-2001-0279"); script_xref(name:"MDKSA", value:"2001:024-1"); script_name(english:"Mandrake Linux Security Advisory : sudo (MDKSA-2001:024-1)"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Mandrake Linux host is missing a security update." ); script_set_attribute( attribute:"description", value: "A buffer overflow exists in the sudo program which could be used by an attacker to obtain higher privileges. sudo is a program used to delegate superuser privileges to ordinary users and only for specific commands. Update : The sudo package for 7.1 used the system-auth facility of newer pam versions and thus would not install or work correctly under Linux- Mandrake 7.1. This update resolves the dependency issue as well as provides the correct pam configuration file." ); script_set_attribute(attribute:"solution", value:"Update the affected sudo package."); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:sudo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:7.1"); script_set_attribute(attribute:"patch_publication_date", value:"2001/03/13"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/09/06"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2019 Tenable Network Security, Inc."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK7.1", cpu:"i386", reference:"sudo-1.6.3p6-1.3mdk", yank:"mdk")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
Redhat
advisories |
|
References
- http://archives.neohapsis.com/archives/bugtraq/2001-02/0414.html
- http://archives.neohapsis.com/archives/bugtraq/2001-02/0427.html
- http://archives.neohapsis.com/archives/bugtraq/2001-02/0437.html
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000381
- http://www.debian.org/security/2001/dsa-031
- http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-024.php3
- http://www.redhat.com/support/errata/RHSA-2001-018.html
- http://www.redhat.com/support/errata/RHSA-2001-019.html