CVE-2012-2337

Publication date 16 May 2012

Last updated 24 July 2024

Ubuntu priority

Description

sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does not properly support configurations that use a netmask syntax, which allows local users to bypass intended command restrictions in opportunistic circumstances by executing a command on a host that has an IPv4 address.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
sudo	12.04 LTS precise	Fixed 1.8.3p1-1ubuntu3.2
	11.10 oneiric	Fixed 1.7.4p6-1ubuntu2.1
	11.04 natty	Fixed 1.7.4p4-5ubuntu7.2
	10.04 LTS lucid	Fixed 1.7.2p1-1ubuntu5.4
	8.04 LTS hardy	Fixed 1.6.9p10-1ubuntu3.9

Notes

tyhicks

Not easy to reproduce and requires that the user exploiting this flaw to already be specified in the sudoers file

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
sudo	Upstream: http://www.sudo.ws/repos/sudo/rev/80b1e4a6d4a1 Vendor: http://www.debian.org/security/2012/dsa-2478

References

Related Ubuntu Security Notices (USN)

USN-1442-1
Sudo vulnerability
16 May 2012