SecGen icon indicating copy to clipboard operation
SecGen copied to clipboard
verified publisher icon cliffe

Awk sudo priv escalation vuln has wrong path for awk

Open cliffe opened this issue 1 year ago • 2 comments

https://github.com/cliffe/SecGen/blob/3135bf46c728baba40646c20cb9db24559ed05e6/modules/vulnerabilities/unix/access_control_misconfigurations/sudo_root_awk/manifests/config.pp#L12

Update to also include /usr/bin/awk

cliffe avatar Apr 17 '24 08:04 cliffe

Also update to allow any arguments:

 content => "ALL  ALL=(root) /usr/bin/awk *, /bin/awk *",

cliffe avatar Apr 17 '24 15:04 cliffe

Update: it seems the system is still vulnerable, even with the wrong path specified (because the secure_path sudo setting includes /usr/sbin/). Although the fact that the specified path doesn't exist may cause some confusion.

cliffe avatar Apr 22 '24 08:04 cliffe