Oct
15
2019
Flaw In Sudo Enables Non-Privileged Users To Run Commands As Root (CVE-2019-14287)
“Sudo” utility which is used to permit a user to run commands in a run-as specification has been found vulnerable recently. With this flaw, an attacker can run commands as root just by specifying the user ID “-1” or “4294967295”.
Thus, it can be used by a user to run commands as root even if the access is restricted as long as ALL keyword is mentioned first in /etc/sudoers file.
The log entries show the activity as user “4294967295” instead of root. Besides this, PAM session modules will not run for the command because the above User ID does not exist in password database of Linux.
Affected Version: All sudo versions upto 1.8.28.
Solution: It is highly recommended to update sudo package manually to the latest version as soon as possible.