Hi,
Please take care if you use sudo provide by A.D.M. due to vulnerability CVE-2019-14287 (normally used only by admin to root even using su in lot of time)
Ref. : https://www.sudo.ws/alerts/minus_1_uid.html
A.D.M. sudo version : Sudoers policy plugin version 1.8.20p2 ; Sudoers file grammar version 46
Minimum corrected version : 1.8.28
This also can affect sudo in Entware APKG : sudo - 1.8.27
Risk is limited on NAS, if you don't used ssh or telnet open to all users (in Entware, in A.D.M. it's limited to administrators group), strong admin password and not usual port (like 22 for SSH).
Philippe.
[sudo in A.D.M.] security problem : CVE-2019-14287
Got a question about our NAS utilities? The answer lies within.
Moderator: Lillian.W@AST
-
father.mande
- Posts: 1817
- youtube meble na wymiar Warszawa
- Joined: Sat Sep 12, 2015 2:55 am
- Location: La Rochelle (France)
[sudo in A.D.M.] security problem : CVE-2019-14287
Post by father.mande »
AS6602T / AS5202T /AS5002T / AS1002T / FS6706T
Jump to
- General
- ↳ Announcements
- ↳ Meet and Greet
- ↳ Feature Requests
- ↳ Presales
- ↳ Tips & Tricks
- All about NAS
- ↳ ADM, the OS
- ↳ ADM general
- ↳ [Beta] ADM
- ↳ [Beta] ADM 3.1 for All Series
- ↳ [Official] For AS70XX Series
- ↳ [Official] For AS-60X Series
- ↳ [Official] For AS-30X Series
- ↳ [Official] For AS-20X Series
- ↳ [Official] For AS50xx/51xx Series
- ↳ [Official] For AS61XX/62XX Series
- ↳ [Official] For AS31XX/ AS32XX Series
- ↳ [Official] For AS10XX Series
- ↳ [Official] For AS40XX Series
- ↳ [Official] For AS63XX/64XX Series
- ↳ [Official] For AS52xx/53xx/66xx Series
- ↳ [Official] For AS65xx Series
- ↳ [Official] For AS67xx Series
- ↳ NAS Utilities
- ↳ ASUSTOR Control Center
- ↳ ASUSTOR Download Assistant
- ↳ ASUSTOR Backup Plan
- ↳ Download Center Helper
- ↳ ASUSTOR EZ Connect
- ↳ ASUSTOR Ez Sync
- ↳ Hardware Compatibility
- Apps Unlimited
- ↳ Official ASUSTOR Apps
- ↳ ASUS Webstorage
- ↳ ASUSTOR Portal
- ↳ Avast
- ↳ Boxee
- ↳ Chrome
- ↳ ClamAV
- ↳ DataSync for Dropbox
- ↳ Data Sync for Google Drive
- ↳ DataSync for hubiC
- ↳ Data Sync for OneDrive
- ↳ DataSync for Yandex (Beta)
- ↳ Download Center
- ↳ EZ Sync Manager
- ↳ exFAT Driver
- ↳ FFmpeg
- ↳ File Explorer
- ↳ FTP Explorer
- ↳ Gogs
- ↳ Geo IP DataBase
- ↳ HiDrive Backup
- ↳ DataSync for Onedrive Business
- ↳ Mail Server
- ↳ iTunes Server
- ↳ Linux-Center
- ↳ Media Cast
- ↳ LooksGood
- ↳ Mail-Server
- ↳ Mono
- ↳ Media-pack
- ↳ nodejs
- ↳ OnlyOffice Document Server (Beta)
- ↳ Perl
- ↳ Photo Gallery
- ↳ Radius Server
- ↳ RALUS
- ↳ Ruby
- ↳ Syslog Server
- ↳ Snapshot Center Beta
- ↳ SoundsGood
- ↳ StreamsGood
- ↳ Surveillance Center
- ↳ Subversion
- ↳ phpmyadmin
- ↳ Python
- ↳ Takeasy
- ↳ TomCat
- ↳ UPnP Media Server
- ↳ UPnP Media Server 2
- ↳ Portainer
- ↳ VirtualBox
- ↳ VPN Server
- ↳ Xunlei
- ↳ xorg
- ↳ My Media for Alexa
- ↳ 3rd-party Apps
- ↳ Developer's Corner
- ↳ Cloodtools
- ↳ dislocker
- ↳ Desktop_Engine
- ↳ Fillezilla
- ↳ Gateone
- ↳ Foreign Keyboard Layout
- ↳ HD_Engine
- ↳ Home_assistant
- ↳ Kodi
- ↳ LibCEC
- ↳ Mykodi17
- ↳ myHD
- ↳ Mypyload
- ↳ NZBmegasearcH
- ↳ OpenPlexHome Theater
- ↳ PMP (PlexMediaPlayer)
- ↳ Python
- ↳ Rtorrent
- ↳ Serviio
- ↳ Tailscale-native
- ↳ Xnc-Server
- ↳ aMule
- ↳ Ajaxplorer
- ↳ aria2
- ↳ asunder
- ↳ BaiduPCS (Beta)
- ↳ BicBucStriim
- ↳ BitTorrent Sync
- ↳ BubbleUPnP
- ↳ CouchPotato
- ↳ CrashPlan
- ↳ Deluge
- ↳ Docker
- ↳ Domoticz
- ↳ Dolphin
- ↳ Droidmote
- ↳ Duplicati
- ↳ DVBLink TV Server
- ↳ Entware
- ↳ Eynio Server
- ↳ freeciv
- ↳ Firefox
- ↳ Emby
- ↳ Gallery
- ↳ Gamez
- ↳ Git
- ↳ Gitbucket
- ↳ Headphones
- ↳ Hi-Res Player
- ↳ Hotstar
- ↳ Jackett
- ↳ Jellyfin
- ↳ Jdownloader2
- ↳ Libreoffice
- ↳ Leanote (Beta)
- ↳ Logitech Media Server (Beta)
- ↳ madsonic (Beta)
- ↳ Mame
- ↳ Jeedom
- ↳ mednafen (Beta)
- ↳ Minimserver
- ↳ MongoDb
- ↳ minecraft
- ↳ MiniDLNA
- ↳ Mylar
- ↳ Netdata
- ↳ Nextcloud
- ↳ Nuclear
- ↳ NHome Server
- ↳ NzbDrone
- ↳ NZBGet
- ↳ Odoo-8.0
- ↳ ownCloud
- ↳ OpenPHT
- ↳ optware
- ↳ osTicket
- ↳ QuikFynd
- ↳ Plex
- ↳ Popcorn Time
- ↳ pyLoad
- ↳ qBittorrent
- ↳ Resilio Sync
- ↳ Radarr (Beta)
- ↳ RainLoop Webmail
- ↳ SABnzbdplus
- ↳ SickBeard
- ↳ Subsonic
- ↳ snes9x
- ↳ sonarr
- ↳ Spotify
- ↳ Squid
- ↳ Syncthing
- ↳ transmission
- ↳ Tvheadend (Beta)
- ↳ Twonky (Beta)
- ↳ Teamspeak
- ↳ Ubooquity
- ↳ uTorrent
- ↳ Plex Media Player
- ↳ URL-Pack-NEWS
- ↳ vtigercrm
- ↳ Wonderbox (Beta)
- ↳ Pandora
- ↳ WordPress
- ↳ xCloud
- ↳ Zappiti Server
- ↳ ZurmoCRM
- ↳ Mobile Apps
- ↳ AiCast
- ↳ AiData
- ↳ AiDownload
- ↳ AiFoto
- ↳ AiMaster
- ↳ AiMusic
- ↳ AiRemote
- ↳ AiSecure
- ↳ AiVideos
- Tech Talk
- ↳ Web Hosting
- ↳ Backup and Data Protection
- ↳ Virtualization
- Misc.
- ↳ Archives
- ↳ XBMC