Ubuntu Update For Sudo USN-1442-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-1442-1

Solution

Please Install the Updated Packages.

Insight

It was discovered that sudo incorrectly handled network masks when using Host and Host_List. A local user who is listed in sudoers may be allowed to run commands on unintended hosts when IPv4 network masks are used to grant access. A local attacker could exploit this to bypass intended access restrictions. Host and Host_List are not used in the default installation of Ubuntu.

Affected

sudo on Ubuntu 12.04 LTS , Ubuntu 11.10 , Ubuntu 11.04 , Ubuntu 10.04 LTS , Ubuntu 8.04 LTS

Severity

Classification

CVE CVE-2012-2337
CVSS Base Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Ubuntu Update for ffmpeg, ffmpeg-debian vulnerabilities USN-931-1
Ubuntu Update for bash USN-2362-1
Ubuntu Update for devscripts USN-1593-1
Ubuntu Update for ffmpeg, ffmpeg-debian regression USN-931-2
Ubuntu Update for cupsys vulnerabilities USN-656-1

Ubuntu Update for sudo USN-1442-1

Take action and discover your vulnerabilities