USN-28-1: sudo vulnerability

18 November 2004

Liam Helmer discovered an input validation flaw in sudo. When the
standard shell "bash" starts up, it searches the environment for
variables with a value beginning with "()". For each of these
variables a function with the same name is created, with the function
body filled in from the environment variable's value.

A malicious user with sudo access to a shell script that uses bash can
use this feature to substitute arbitrary commands for any
non-fully-qualified programs called from the script. Therefore this
flaw can lead to privilege escalation.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 4.10
  • sudo -

In general, a standard system update will make all the necessary changes.