Re: race condition checking digests/checksums in sudoers

[cve-assign () mitre org]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> > http://www.sudo.ws/man/1.8.15/sudoers.man.html

> > If a command name is prefixed with a Digest_Spec, the command will
> > only match successfully if it can be verified using the specified
> > SHA-2 digest. This may be useful in situations where the user invoking
> > sudo has write access to the command or its parent directory.

> This results in a race condition if the digest functionality is used
> as suggested (in fact, the rules are matched before the user is
> prompted for a password, so you have quite some time to replace the
> binary from underneath sudo).

Use CVE-2015-8239.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJWTJ/cAAoJEL54rhJi8gl5Ej8QALlEI/5YbcrblU789Kk+Xk/R
zpoF0hgkKfkN4nKIjYDDz/BVQCa7glsZh2tRdcS6HAChsKhEzHc3cFfkZbw4p1nF
ftNANRAMZRnnkyh4IfZdVdgWlW+UFWJ5nEFqGTwMmcaSTDmD7AonAkbak/mxJKCH
gewR9Lv6+Gt2urw32OMUxTtFBtQM7suIpI5Cs0nvyEg4VXxIqiiIS7uZa1RqFQPv
XI2u22+eD3kNewTpif9VzlkDM1tehkjZWhKcIOswwbIyCDOKCj2DlzvPRCx/90DX
owanq/ZNpPt8Uw8xN4VtoN/7SFZcaqekONbRCcqYQu+aSzZc8k8XEYLZjxLaAeKG
jHMpxDhPj2DInZzel2gyCPG+bkqpzHuNvUmTebJPU+8GLCDnq7RjCZ9UvvOT0BXT
JTRd72wEWXxHa3Gxc7fwS1rincgg4Cw18tDguZMYG2y/LvNLsm9UP0aeZVhCnP0N
7ich7V8ZrgiyDupPqEGMAupE/c9bC+o90/nKzoSDliuj+mRAjmVuA5ZpVRBo6i69
qiJxlwep7PFgVE1FmG7AsQACXq7cd6e8wsb2xxF/b2eNnwEp2QGVmOkDs5WUB7wU
3OXLJVppMPWwX2Y9Wpf4imGUV+4oKRczo2CDu58+muMf95ng5yosPIKKIhd3MqKY
HJN2Edk+lRA5O8oPxvf4
=l+r1
-----END PGP SIGNATURE-----