关联漏洞
标题:Sudo 安全漏洞 (CVE-2025-32462)Description:Sudo是一款使用于类Unix系统的,允许用户通过安全的方式使用特殊的权限执行命令的程序。 Sudo 1.9.17p1之前版本存在安全漏洞,该漏洞源于允许列出的用户在非预期机器上执行命令。
Description
Critical Sudo Vulnerabilities Let Local Users Gain Root Access on Linux, Impacting Major Distros
介绍
# CVE-2025-32462-32463-Detection-Script-
Critical Sudo Vulnerabilities Let Local Users Gain Root Access on Linux, Impacting Major Distros
A brief description of the vulnerabilities is below -
CVE-2025-32462 (CVSS score: 2.8) - Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines
CVE-2025-32463 (CVSS score: 9.3) - Sudo before 1.9.17p1 allows local users to obtain root access because "/etc/nsswitch.conf" from a user-controlled directory is used with the --chroot option
Instructions to Use the Script
Save the Script: Copy the script above into a file named check_cve_2025_32462.sh.
Make the Script Executable: Run the following command to make the script executable:
bash
chmod +x check_cve_2025_32462.sh
Run the Script: Execute the script with:
bash
./check_cve_2025_32462.sh
Notes
This script checks the installed version of sudo and compares it against known vulnerable versions. It also checks for the misuse of the -h option.
Ensure you have the necessary permissions to run sudo commands.
If a vulnerable version is detected, it is recommended to update sudo to version 1.9.17p1 or later to mitigate the vulnerability.
Additional Recommendations
Regularly review and update your system packages.
Monitor your sudoers file for any unusual configurations that may exploit this vulnerability.
文件快照
[4.0K] /data/pocs/64ecd9a27691431f56c1e7ef8478640076f99d33
├── [1.0K] check_cve_2025_32462.sh
├── [1.0K] check_cve_2025_32463.sh
└── [1.4K] README.md
0 directories, 3 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。