#428770 sudo ptrace vulnerability (BugTraq ID: 24287)

Package:
sudo
Source:
sudo
Description:
Provide limited super user privileges to specific users
Submitter:
Norbert Buchmuller
Date:
2022-07-06 09:03:05 UTC
Severity:
wishlist
Tags:
#428770#5
Date:
2007-06-14 00:18:25 UTC
From:
To:
As described in http://www.securityfocus.com/bid/24287 sudo is vulnerable
to an exploit where the executed command can be altered/replaced using
ptrace(). (Permission in the /etc/sudoers file to run the altered command
is still needed, but this vulnerability IMO has high security impact still.)

Sorry if it's a duplicate and I missed the first report.

Best regards,

norbi
#428770#10
Date:
2007-06-14 17:23:17 UTC
From:
To:
Please note that this is _not_ a security vulnerability. Here just
nonprivileged command's address space is modified (the shell before
launching sudo) and that's a feature, not a bug. To modify process'
address space the "attacker" needs to be able to actually run the
"exploit" which means that he has to compromise an account using another
vulnerability. In that case he has also numerous others way to stole
that user's privilegies by tricking the user using sudo or anything
similar. (Trojans, etc.)
#428770#21
Date:
2022-07-05 13:54:40 UTC
From:
To:
Control: outlook -1 close 2022-12-31
thanks

I have readched out to the security team if they're ok with this bug
report being closed. If they don't reply, I plan to close this anyway by
the end of 2022. Consider filing an upstream report and marking this bug
a forwarded; this one is going to stay open then as long as upstream's
report is open.

Debian is not going to make changes to upstream code for this unless the
security team says that we should.

Greetings
Marc
#428770#26
Date:
2022-07-05 13:54:40 UTC
From:
To:
Control: outlook -1 close 2022-12-31
thanks

I have readched out to the security team if they're ok with this bug
report being closed. If they don't reply, I plan to close this anyway by
the end of 2022. Consider filing an upstream report and marking this bug
a forwarded; this one is going to stay open then as long as upstream's
report is open.

Debian is not going to make changes to upstream code for this unless the
security team says that we should.

Greetings
Marc
#428770#31
Date:
2022-07-06 09:01:24 UTC
From:
To:
After talking to the security team, I am now closing this in Debian.
Feel free to re-open or file a new bug report once there is an upstream
bug open. I am also fine with this staying closed ;-)

Greetings
Marc
#428770#34
Date:
2022-07-06 09:01:24 UTC
From:
To:
After talking to the security team, I am now closing this in Debian.
Feel free to re-open or file a new bug report once there is an upstream
bug open. I am also fine with this staying closed ;-)

Greetings
Marc