漏洞信息(CVE-2019-14287)

一、漏洞 CVE-2019-14287 基础信息

漏洞信息

                                        # N/A

## 漏洞概述
在 Sudo 版本 1.8.28 之前的版本中，拥有 Runas ALL sudoer 账户的攻击者可以绕过某些策略黑名单和会话 PAM 模块，导致日志记录不正确。例如，通过使用一个精心设计的用户 ID 调用 sudo 命令，可以绕过 !root 配置以及 USER= 日志记录。

## 影响版本
- Sudo 版本 1.8.28 之前的版本

## 细节
攻击者可以通过调用 `sudo -u \#$((0xffffffff))` 命令，利用精心设计的用户 ID 来绕过策略黑名单和会话 PAM 模块，导致日志记录不准确。

## 影响
- 可以绕过 `!root` 配置
- 可以绕过 `USER=` 日志记录

提示

尽管我们采用了先进的大模型技术，但其输出仍可能包含不准确或过时的信息。
神龙会尽力确保数据准确，但也请结合实际情况进行甄别与判断。
神龙祝您一切顺利！

漏洞标题

N/A

来源：美国国家漏洞数据库 NVD

漏洞描述信息

In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command.

来源：美国国家漏洞数据库 NVD

CVSS信息

N/A

来源：美国国家漏洞数据库 NVD

漏洞类别

N/A

来源：美国国家漏洞数据库 NVD

漏洞标题

Sudo 输入验证错误漏洞

来源：中国国家信息安全漏洞库 CNNVD

漏洞描述信息

Sudo是一款使用于类Unix系统的，允许用户通过安全的方式使用特殊的权限执行命令的程序。 sudo 1.8.28之前版本中存在安全漏洞。攻击者可利用该漏洞以root权限运行命令。

来源：中国国家信息安全漏洞库 CNNVD

CVSS信息

N/A

来源：中国国家信息安全漏洞库 CNNVD

漏洞类别

输入验证错误

来源：中国国家信息安全漏洞库 CNNVD

二、漏洞 CVE-2019-14287 的公开POC

#	POC 描述	源链接	神龙链接
1	None	https://github.com/FauxFaux/sudo-cve-2019-14287	POC详情
2	This is a container built for demonstration purposes that has a version of the sudo command which is vulnerable to CVE-2019-14287	https://github.com/CashWilliams/CVE-2019-14287-demo	POC详情
3	Sudo exploit	https://github.com/n0w4n/CVE-2019-14287	POC详情
4	None	https://github.com/gurneesh/CVE-2019-14287-write-up	POC详情
5	Sudo Security Bypass (CVE-2019-14287)	https://github.com/shallvhack/Sudo-Security-Bypass-CVE-2019-14287	POC详情
6	None	https://github.com/huang919/cve-2019-14287-PPT	POC详情
7	cve-2019-14287	https://github.com/wenyu1999/sudo-	POC详情
8	None	https://github.com/Sindadziy/cve-2019-14287	POC详情
9	Containerized and deployable use of the CVE-2019-14287 vuln. View README.md for more.	https://github.com/CMNatic/Dockerized-CVE-2019-14287	POC详情
10	Sudo Vulnerability CVE-2019-14287	https://github.com/axax002/sudo-vulnerability-CVE-2019-14287	POC详情
11	Documentation for Sudo Security Bypass - CVE 2019-14287	https://github.com/SachinthaDeSilva-cmd/Exploit-CVE-2019-14287	POC详情
12	Sudo Security Policy bypass Vulnerability	https://github.com/HussyCool/CVE-2019-14287-IT18030372-	POC详情
13	None	https://github.com/ShianTrish/sudo-Security-Bypass-vulnerability-CVE-2019-14287	POC详情
14	This is a brief exploitation of CVE-2019-14287 Sudo Security Bypass Vulnerability.	https://github.com/ejlevin99/Sudo-Security-Bypass-Vulnerability	POC详情
15	This is the exploitation of sudo security bypass vulnerability	https://github.com/thinuri99/Sudo-Security-Bypass-Vulnerability-CVE-2019-14287-	POC详情
16	None	https://github.com/janod313/-CVE-2019-14287-SUDO-bypass-vulnerability	POC详情
17	None	https://github.com/DewmiApsara/CVE-2019-14287	POC详情
18	Scripts to verify and execute CVE-2019-14287 as part of Research	https://github.com/M108Falcon/Sudo-CVE-2019-14287	POC详情
19	None	https://github.com/edsonjt81/CVE-2019-14287-	POC详情
20	CVE-2019-14287	https://github.com/DularaAnushka/Linux-Privilege-Escalation-using-Sudo-Rights	POC详情
21	None	https://github.com/crypticdante/CVE-2019-14287	POC详情
22	None	https://github.com/Hasintha-98/Sudo-Vulnerability-Exploit-CVE-2019-14287	POC详情
23	None	https://github.com/5l1v3r1/cve-2019-14287sudoexp	POC详情
24	None	https://github.com/MariliaMeira/CVE-2019-14287	POC详情
25	None	https://github.com/Ijinleife/CVE-2019-14287	POC详情
26	None	https://github.com/H3xL00m/CVE-2019-14287	POC详情
27	None	https://github.com/n3ov4n1sh/CVE-2019-14287	POC详情
28	None	https://github.com/c0d3cr4f73r/CVE-2019-14287	POC详情
29	None	https://github.com/Sp3c73rSh4d0w/CVE-2019-14287	POC详情
30	None	https://github.com/0xwh1pl4sh/CVE-2019-14287	POC详情
31	None	https://github.com/N3rdyN3xus/CVE-2019-14287	POC详情
32	None	https://github.com/NyxByt3/CVE-2019-14287	POC详情
33	None	https://github.com/lemonadern/poc-cve-2019-14287	POC详情
34	None	https://github.com/h3xcr4ck3r/CVE-2019-14287	POC详情
35	None	https://github.com/n3rdh4x0r/CVE-2019-14287	POC详情
36	In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command.	https://github.com/projectdiscovery/nuclei-templates/blob/main/code/cves/2019/CVE-2019-14287.yaml	POC详情
37	None	https://github.com/h3x0v3rl0rd/CVE-2019-14287	POC详情
38	Documentation for Sudo Security Bypass - CVE 2019-14287	https://github.com/sachinthadesilva/Exploit-CVE-2019-14287	POC详情

三、漏洞 CVE-2019-14287 的情报信息

https://resources.whitesourcesoftware.com/blog-whitesource/new-vulnerability-in-sudo-cve-2019-14287 x_refsource_MISC
https://support.f5.com/csp/article/K53746212?utm_source=f5support&amp%3Butm_medium=RSS x_refsource_CONFIRM
https://security.netapp.com/advisory/ntap-20191017-0003/ x_refsource_CONFIRM
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03976en_us x_refsource_CONFIRM
http://packetstormsecurity.com/files/154853/Slackware-Security-Advisory-sudo-Updates.html x_refsource_MISC
https://www.sudo.ws/alerts/minus_1_uid.html x_refsource_CONFIRM
https://www.debian.org/security/2019/dsa-4543 vendor-advisory x_refsource_DEBIAN
https://usn.ubuntu.com/4154-1/ vendor-advisory x_refsource_UBUNTU
https://access.redhat.com/errata/RHSA-2019:4191 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:3941 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2020:0388 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHBA-2019:3248 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:3916 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:3895 vendor-advisory x_refsource_REDHAT
https://security.gentoo.org/glsa/202003-12 vendor-advisory x_refsource_GENTOO
https://access.redhat.com/errata/RHSA-2019:3754 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:3755 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:3694 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:3204 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:3278 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:3219 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:3209 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:3205 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:3197 vendor-advisory x_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00047.html vendor-advisory x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00042.html vendor-advisory x_refsource_SUSE
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NPLAM57TPJQGKQMNG6RHFBLACD6K356N/ vendor-advisory x_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TUVAOZBYUHZS56A5FQSCDVGXT7PW7FL2/ vendor-advisory x_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IP7SIOAVLSKJGMTIULX52VQUPTVSC43U/ vendor-advisory x_refsource_FEDORA
http://www.openwall.com/lists/oss-security/2019/10/14/1 mailing-list x_refsource_MLIST
https://www.openwall.com/lists/oss-security/2019/10/15/2 mailing-list x_refsource_MLIST
https://seclists.org/bugtraq/2019/Oct/20 mailing-list x_refsource_BUGTRAQ
https://seclists.org/bugtraq/2019/Oct/21 mailing-list x_refsource_BUGTRAQ
http://www.openwall.com/lists/oss-security/2021/09/14/2 mailing-list x_refsource_MLIST
http://www.openwall.com/lists/oss-security/2019/10/24/1 mailing-list x_refsource_MLIST
https://lists.debian.org/debian-lts-announce/2019/10/msg00022.html mailing-list x_refsource_MLIST
http://www.openwall.com/lists/oss-security/2019/10/29/3 mailing-list x_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2019-14287

四、漏洞 CVE-2019-14287 的评论

暂无评论

一、 漏洞 CVE-2019-14287 基础信息

漏洞信息

提示

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

二、漏洞 CVE-2019-14287 的公开POC

三、漏洞 CVE-2019-14287 的情报信息

四、漏洞 CVE-2019-14287 的评论

发表评论

一、漏洞 CVE-2019-14287 基础信息