Privilege escalation in Sudo-rs



Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2023-42456
CWE-ID CWE-20
Exploitation vector Local
Public exploit N/A
Vulnerable software
 sudo-rs
Universal components / Libraries / Libraries used by multiple products

Vendor Prossimo

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Input validation error

EUVDB-ID: #VU83026

Risk: Low

CVSSv4.0: 0.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-42456

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote user to delete arbitrary files on the system.

The vulnerability exists due to insufficient validation certain characters, such as dot (".") and slash ("/") in the username. An attacker with ability tun run the "sudo -k" command can remove arbitrary files on the system given that the attacker has full control over the username on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

sudo-rs: 0.1.0-dev.20230620 - 0.2.0-dev.20230711

CPE2.3 External links

https://github.com/memorysafety/sudo-rs/commit/bfdbda22968e3de43fa8246cab1681cfd5d5493d
https://github.com/memorysafety/sudo-rs/security/advisories/GHSA-2r3c-m6v7-9354
https://www.openwall.com/lists/oss-security/2023/11/02/1
https://ferrous-systems.com/blog/sudo-rs-audit/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###