#VU32823 Format string error in Sudo - CVE-2012-0809

Cybersecurity Help s.r.o.

Published: 2012-02-01 | Updated: 2020-07-29

Vulnerability identifier: #VU32823

Vulnerability risk: Low

CVSSv4.0: 7.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2012-0809

CWE-ID: CWE-134

Exploitation vector: Local

Exploit availability: Yes

Vulnerable software:
Sudo
Client/Desktop applications / Software for system administration

Vendor: Sudo

Description

The vulnerability allows a local non-authenticated attacker to execute arbitrary code.

Format string vulnerability in the sudo_debug function in Sudo 1.8.0 through 1.8.3p1 allows local users to execute arbitrary code via format string sequences in the program name for sudo.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Sudo: 1.8.0 - 1.8.3p1

External links
https://archives.neohapsis.com/archives/fulldisclosure/2012-01/0591.html
https://archives.neohapsis.com/archives/fulldisclosure/2012-01/att-0591/advisory_sudo.txt
https://security.gentoo.org/glsa/glsa-201203-06.xml
https://www.sudo.ws/sudo/alerts/sudo_debug.html

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

Latest bulletins with this vulnerability

Gentoo update for sudo

Format string error in Sudo

Format string error in sudo (Alpine package)