Mar 02 in linux-open source, ubuntu
Written by: Achmad Fachrie
Ada security issue yang pada ubuntu pada versi rilis :
- Ubuntu 6.06 LTS
- Ubuntu 8.04 LTS
- Ubuntu 8.10
- Ubuntu 9.04
- Ubuntu 9.10
dan juga tentunya termasuk pada versi Kubuntu, Edubuntu, and Xubuntu.
Issue ini bisa diatasi dengan melakukan upgrade system, pada paket aplikasi berikut ::
Ubuntu 6.06 LTS:
sudo 1.6.8p12-1ubuntu6.1
sudo-ldap 1.6.8p12-1ubuntu6.1
Ubuntu 8.04 LTS:
sudo 1.6.9p10-1ubuntu3.6
sudo-ldap 1.6.9p10-1ubuntu3.6
Ubuntu 8.10:
sudo 1.6.9p17-1ubuntu2.2
sudo-ldap 1.6.9p17-1ubuntu2.2
Ubuntu 9.04:
sudo 1.6.9p17-1ubuntu3.1
sudo-ldap 1.6.9p17-1ubuntu3.1
Ubuntu 9.10:
sudo 1.7.0-1ubuntu2.1
sudo-ldap 1.7.0-1ubuntu2.1
Issue itu berupa : “… sudo did not properly validate the path for the ’sudoedit’ pseudo-command. A local attacker could exploit this to execute arbitrary code as root if sudo was configured to allow the attacker to use sudoedit. The sudoedit pseudo-command is not used in the default installation of Ubuntu. (CVE-2010-0426) It was discovered that sudo did not reset group permissions when the ‘runas_default’ configuration option was used. A local attacker could exploit this to escalate group privileges if sudo was configured to allow the attacker to run commands under the runas_default account. The runas_default configuration option is not used in the default installation of Ubuntu. This issue affected Ubuntu 8.04 LTS, 8.10 and 9.04. (CVE-2010-0427)… “
Sumber berita dari sini
![Reblog this post [with Zemanta]](http://img.zemanta.com/reblog_e.png?x-id=f72f38b6-d198-4dd9-9f9b-ee870baa19ed)
