Courtesan Information for VU#820083

sudo vulnerable to heap corruption via -p parameter

Status

Affected

Vendor Statement

Date: Thu, 25 Apr 2002 10:34:13 -0600
From: Todd C. Miller <Todd.Miller@courtesan.com>
To: sudo-announce@courtesan.com
Subject: Sudo version 1.6.6 now available

Sudo version 1.6.6 is now available (ftp sites listed at the end).

Changes since Sudo 1.6.5p2:

o Fixed compilation problem on HP-UX 9.x.

o Moved call to endpwent() and added a call to endgrent().

o Fixed a warning about a conflicting declaration of VOID with AFS.

o Fixed a security hole in prompt rewriting found by Global InterSec.

Please note that Sudo 1.6.6 fixes a security hole present in sudo
versions 1.5.7 - 1.6.5p2. Please see:
http://www.sudo.ws/pipermail/sudo-announce/2002-April/000020.html
http://www.globalintersec.com/adv/sudo-2002041701.txt
for details.

sudo 1.6.6 distribution:
ftp://ftp.sudo.ws/pub/sudo/sudo-1.6.6.tar.gz

Master WWW site:
http://www.sudo.ws/sudo/dist/

Mirrors (not yet updated)

WWW Mirrors:
http://sudo.stikman.com/ (Los Angeles, California, USA)
http://mirage.informationwave.net/sudo/ (Fanwood, New Jersey, USA)
http://sudo.planetmirror.com/ (Australia)
http://sudo.cdu.elektra.ru/ (Russia)

Master FTP sites:
ftp.sudo.ws:/pub/sudo/
ftp.cs.colorado.edu:/pub/sudo/

FTP Mirrors:
ftp.cs.colorado.edu:/pub/sudo/ (Boulder, Colorado, USA)
ftp.stikman.com:/pub/sudo/ (Los Angeles, California, USA)
ftp.uu.net:/pub/security/sudo/ (Falls Church, Virginia, USA)
ftp.tux.org:/pub/security/sudo/ (Beltsville, Maryland, USA)
ftp.cerias.purdue.edu:/pub/tools/unix/sysutils/sudo/ (West Lafayette, Indiana, USA)
ftp.uwsg.indiana.edu:/pub/sudo/ (Bloomington, Indiana, USA)
sudobash.com:/pub/sudo/ (Ypsilanti, Michigan, USA)
ftp.tamu.edu:/pub/mirrors/ftp.courtesan.com/ (College Station, Texas, USA)
ftp.rge.com:/pub/admin/sudo/ (Rochester, New York, USA)
mirage.informationwave.net:/sudo/ (Fanwood, New Jersey, USA)
ftp.wiretapped.net:/pub/security/host-security/sudo/ (Australia)
ftp.tuwien.ac.at:/utils/admin-tools/sudo/ (Austria)
sunsite.ualberta.ca:/pub/Mirror/sudo/ (Alberta, Canada)
ftp.csc.cuhk.edu.hk:/pub/packages/unix-tools/sudo/ (Hong Kong, China)
ftp.eunet.cz:/pub/security/sudo/ (Czechoslovakia)
ftp.umds.ac.uk:/pub/sudo/ (Great Britain)
ftp.tvi.tut.fi:/pub/security/unix/sudo/ (Finland)
ftp.lps.ens.fr:/pub/software/sudo/ (France)
ftp.crihan.fr:/pub/security/sudo/ (France)
ftp.rz.uni-osnabrueck.de:/pub/unix/security/sudo/ (Germany)
ftp.win.ne.jp:/pub/misc/sudo/ (Japan)
ftp.st.ryukoku.ac.jp:/pub/security/tool/sudo/ (Japan)
ftp.eos.hokudai.ac.jp:/pub/misc/sudo/ (Japan)
ftp.tokyonet.ad.jp:/pub/security/sudo/ (Japan)
ftp.kobe-u.ac.jp:/pub/util/security/tool/sudo/ (Japan)
ftp.cin.nihon-u.ac.jp:/pub/util/sudo/ (Japan)
ftp.fujitsu.co.jp:/pub/misc/sudo/ (Japan)
core.ring.gr.jp:/pub/misc/sudo/ (Japan)
ftp.ring.gr.jp:/pub/misc/sudo/ (Japan)
ftp.ayamura.org:/pub/sudo/ (Japan)
ftp.iphil.net:/pub/sudo/ (Makati City, Philippines)
ftp.icm.edu.pl:/vol/wojsyl5/sudo/ (Poland)
ftp.assist.ro:/pub/mirrors/ftp.courtesan.com/pub/sudo/ (Romania)
ftp.sai.msu.su:/pub/unix/security/ (Russia)
ftp.cdu.elektra.ru:/pub/unix/security/sudo/ (Russia)
ftp.mc.hik.se:/pub/unix/security/sudo/ (Sweden)
ftp.sekure.net:/pub/sudo/ (Sweden)
ftp.edu.tw:/UNIX/sudo/ (Taiwan)
ftp.comu.edu.tr:/pub/linux/prog/sudo/ (Turkey)
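The affected range quoted in the announcement above (sudo 1.5.7 through 1.6.5p2, fixed in 1.6.6) turned into a local version check. This is an added example, not part of the CERT note or of sudo; the only assumption is that `sudo -V` prints a first line of the form "Sudo version X.Y.Z[pN]".

```sh
#!/bin/sh
# Added example, not code from the CERT note or from sudo itself.
# Decides whether a sudo version string lies in the affected range
# 1.5.7 - 1.6.5p2 quoted in the announcement; 1.6.6 and later are fixed.

# Turn "MAJOR.MINOR.PATCH[pN]" (the form printed by `sudo -V`) into one
# sortable integer so that ranges can be compared with plain -ge / -le.
sudo_version_key() {
    ver=$1
    # Peel off the optional "pN" patch-level suffix (absent means 0).
    case $ver in
        *p*) base=${ver%p*}; plevel=${ver##*p} ;;
        *)   base=$ver;      plevel=0 ;;
    esac
    # Split the dotted base into numeric fields with parameter expansion
    # only, so IFS is never touched: "1.6.5" -> 1, 6, 5; "1.6" -> 1, 6, 0.
    maj=${base%%.*}
    rest=${base#*.}
    min=${rest%%.*}
    case $rest in *.*) pat=${rest#*.} ;; *) pat=0 ;; esac
    echo $(( $maj * 1000000 + $min * 10000 + $pat * 100 + $plevel ))
}

# Exit status 0 when VERSION is inside the affected range, 1 otherwise.
sudo_affected() {
    key=$(sudo_version_key "$1")
    lo=$(sudo_version_key 1.5.7)
    hi=$(sudo_version_key 1.6.5p2)
    [ "$key" -ge "$lo" ] && [ "$key" -le "$hi" ]
}

# Version of the sudo on PATH, taken from the first line of `sudo -V`
# ("Sudo version 1.6.6"); prints nothing when sudo is not installed.
sudo_installed_version() {
    command -v sudo >/dev/null 2>&1 || return 1
    sudo -V 2>/dev/null | sed -n '1s/^Sudo version \([0-9][0-9.p]*\).*/\1/p'
}

# Report on the locally installed sudo, if any.
if v=$(sudo_installed_version) && [ -n "$v" ]; then
    if sudo_affected "$v"; then
        echo "sudo $v is in the affected range 1.5.7 - 1.6.5p2; upgrade to 1.6.6"
    else
        echo "sudo $v is outside the affected range"
    fi
fi
```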

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.