Bugzilla – Bug 846601
VUL-0: CVE-2007-3149: sudo: when KRB5 enabled, allows authentication bypass
Last modified: 2013-10-18 11:54:24 UTC
public via NVD CVE DB http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-3149 sudo, when linked with MIT Kerberos 5 (krb5), does not properly check whether a user can currently authenticate to Kerberos, which allows local users to gain privileges, in a manner unintended by the sudo security model, via certain KRB5_ environment variable settings. NOTE: another researcher disputes this vulnerability, stating that the attacker must be "a user, who can already log into your system, and can already use sudo." Hyperlink:http://www.sudo.ws/cgi-bin/cvsweb/sudo/auth/kerb5.c Hyperlink:http://www.securityfocus.com/bid/24368 Name: 20070607 Re: Sudo: local root compromise with krb5 enabled Hyperlink:http://www.securityfocus.com/archive/1/archive/1/470774/100/0/threaded Name: 20070607 MIT krb5: makes sudo authentication issue MUCH worse. Hyperlink:http://www.securityfocus.com/archive/1/archive/1/470752/100/0/threaded Name: 20070607 Sudo: local root compromise with krb5 enabled Hyperlink:http://www.securityfocus.com/archive/1/archive/1/470739/100/0/threaded Name: 26540 Hyperlink:http://secunia.com/advisories/26540
SUSE sudo is not built with krb5 support and so is not affected by this problem.