Ubuntu Security Notice USN-956-1 June 30, 2010
sudo vulnerability
CVE-2010-1646
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 9.04
Ubuntu 9.10
Ubuntu 10.04 LTS
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
sudo 1.6.8p12-1ubuntu6.3
sudo-ldap 1.6.8p12-1ubuntu6.3
Ubuntu 8.04 LTS:
sudo 1.6.9p10-1ubuntu3.8
sudo-ldap 1.6.9p10-1ubuntu3.8
Ubuntu 9.04:
sudo 1.6.9p17-1ubuntu3.3
sudo-ldap 1.6.9p17-1ubuntu3.3
Ubuntu 9.10:
sudo 1.7.0-1ubuntu2.4
sudo-ldap 1.7.0-1ubuntu2.4
Ubuntu 10.04 LTS:
sudo 1.7.2p1-1ubuntu5.1
sudo-ldap 1.7.2p1-1ubuntu5.1
In general, a standard system update will make all the necessary changes.
Details follow:
Evan Broder and Anders Kaseorg discovered that sudo did not properly
sanitize its environment when configured to use secure_path (the default in
Ubuntu). A local attacker could exploit this to execute arbitrary code as
root if sudo was configured to allow the attacker to use a program that
interpreted the PATH environment variable.