From: Immunix Security Team (security@wirex.com)
Date: Thu Jan 17 2002 - 22:32:37 CST
-----------------------------------------------------------------------
Immunix OS Security Advisory
Packages updated: sudo
Affected products: ImmunixOS 7.0
Bugs fixed: immunix/1944
Date: Thu Jan 17 2002
Advisory ID: IMNX-2002-70-001-01
Author: Seth Arnold <sarnold@wirex.com>
-----------------------------------------------------------------------
Description:
Sebastian Krahmer from the SuSE Security Team has discovered a bug in
sudo: versions less than 1.6.4 did not clean the user-supplied
environment before sending mail to the administrator reporting errors.
Because the environment is not cleaned, an MTA could be passed an
unexpected environment while running as root -- with at least postfix,
and probably other MTAs, this can be trivially turned into a root
exploit.
This update to sudo 1.6.5p1 fixes this problem by preventing any
user-set environment variables from affecting the mail program started
in response to mail events, such as a user executing sudo without
proper privileges in sudoers(5).
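As an added illustration (not sudo's source and not part of the advisory), the principle behind the fix: the mail program is handed a fixed environment of sudo's own choosing rather than the invoking user's. The pre-fix and post-fix behaviours are shown side by side; the names (MAIL_ENV, mail_env_safe, sample_user_env) and the sample environment are this example's own.

```c
#include <stdio.h>
#include <string.h>

/* Fixed environment handed to the mail program. Nothing the invoking
 * user set is consulted. The two entries are this example's choice. */
static char *const MAIL_ENV[] = { "PATH=/usr/bin:/bin", "LC_ALL=C", NULL };

/* Constructed environment of an unprivileged user invoking sudo. */
static char *const USER_ENV[] = {
    "PATH=/tmp/untrusted:/usr/bin", "EXAMPLE_USER_VAR=1", NULL
};
char *const *sample_user_env(void) { return USER_ENV; }

/* Look NAME up in a NULL-terminated "NAME=value" array; NULL if absent. */
const char *env_get(char *const *env, const char *name)
{
    size_t n = strlen(name);
    for (; *env != NULL; env++)
        if (strncmp(*env, name, n) == 0 && (*env)[n] == '=')
            return *env + n + 1;
    return NULL;
}

/* Pre-fix behaviour as the advisory describes it (sudo < 1.6.4):
 * the mailer inherits the caller's environment untouched. */
char *const *mail_env_unsafe(char *const *user_env) { return user_env; }

/* Post-fix behaviour: the caller's environment is ignored entirely. */
char *const *mail_env_safe(char *const *user_env)
{
    (void)user_env;               /* deliberately unused */
    return MAIL_ENV;
}

/* 1 if every entry of ENV is one of the fixed entries, i.e. nothing the
 * user set could have reached the mail program; 0 otherwise. */
int mail_env_is_clean(char *const *env)
{
    for (; *env != NULL; env++) {
        int known = 0;
        for (char *const *f = MAIL_ENV; *f != NULL; f++)
            if (strcmp(*env, *f) == 0) known = 1;
        if (!known) return 0;
    }
    return 1;
}

int main(void)
{
    char *const *u = sample_user_env();
    printf("unsafe: PATH=%s clean=%d\n",
           env_get(mail_env_unsafe(u), "PATH"), mail_env_is_clean(mail_env_unsafe(u)));
    printf("safe:   PATH=%s clean=%d\n",
           env_get(mail_env_safe(u), "PATH"), mail_env_is_clean(mail_env_safe(u)));
    return 0;
}
```

The sudoers Defaults listed further down only stop sudo from sending mail at all; the update is what makes the mail path itself safe.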
Users with postfix should upgrade immediately if there are any
untrusted user accounts on the machine. Users with other MTAs should
upgrade as soon as convenient. In the meantime, here are some
sudoers(5) rules that can help mitigate the problem:
Defaults !mail_always
Defaults !mail_no_user
Defaults !mail_no_host
Defaults !mail_no_perms
(If using these rules, please remember to use visudo(8) to edit the
sudoers(5) file.)
Thanks to Sebastian Krahmer and Todd Miller for the fixes.
Package names and locations:
Precompiled binary packages for Immunix 7.0 are available at:
http://download.immunix.org/ImmunixOS/7.0/updates/RPMS/sudo-1.6.5p1-1_imnx.i386.rpm
Source package for Immunix 7.0 is available at:
http://download.immunix.org/ImmunixOS/7.0/updates/SRPMS/sudo-1.6.5p1-1_imnx.src.rpm
Immunix OS 7.0 md5sums:
0e41c0231a226417cf0c5e0d009ac4fe RPMS/sudo-1.6.5p1-1_imnx.i386.rpm
2e21a908ad9a7f63ae604bb0a5058ba9 SRPMS/sudo-1.6.5p1-1_imnx.src.rpm
GPG verification:
Our public key is available at <http://wirex.com/security/GPG_KEY>.
*** NOTE *** This key is different from the one used in advisories
IMNX-2001-70-020-01 and earlier.
Online version of all Immunix 6.2 updates and advisories:
http://immunix.org/ImmunixOS/6.2/updates/
Online version of all Immunix 7.0-beta updates and advisories:
http://immunix.org/ImmunixOS/7.0-beta/updates/
Online version of all Immunix 7.0 updates and advisories:
http://immunix.org/ImmunixOS/7.0/updates/
NOTE:
Ibiblio is graciously mirroring our updates, so if the links above are
slow, please try:
ftp://ftp.ibiblio.org/pub/Linux/distributions/immunix/
or one of the many mirrors available at:
http://www.ibiblio.org/pub/Linux/MIRRORS.html
ImmunixOS 6.2 is no longer officially supported.
Contact information:
To report vulnerabilities, please contact security@wirex.com. WireX
attempts to conform to the RFP vulnerability disclosure protocol
<http://www.wiretrip.net/rfp/policy.html>.