Linux Sudo Vulnerability Audit

Subscribe to Vulnerability Updates
  • This is a static report and therefore not updated automatically, which means that out-of-band updates are not included. However, you can adapt the query to your own needs.

Find Vulnerable Linux Sudo Versions in Your Network

A vulnerability has been discovered in the pre-installed Linux utility Sudo (CVE-2019-14287). Sudo allows users to execute commands using the permissions of the root user. While most system administrators will restrict which users can perform which Sudo commands, the latest vulnerability can circomvent this. You can find more information in our Sudo vulnerability blog post.

To help you discover potentially vulnerable assets, the Linux Sudo audit below provides a list of all Sudo installations along with the version. To ensure you are safe you must have the latest version 1.8.28

Linux Sudo Vulnerability Audit Query

Select Top 1000000 tblAssets.AssetID,
  tblAssets.AssetName,
  tblAssets.Domain,
  tsysAssetTypes.AssetTypename As AssetType,
  tblAssets.Username,
  tblAssets.Userdomain,
  tsysAssetTypes.AssetTypeIcon10 As icon,
  tblAssets.IPAddress,
  tblSoftwareUni.softwareName As Software,
  tblLinuxSoftware.Version As Version,
  Case
  When tblLinuxSystem.OSRelease Like 'Ubuntu%' And tblLinuxSoftware.Version = '1.8.21p2-3ubuntu1.1' Then 'Up to date'
  When tblLinuxSoftware.Version Like '1.8.28%' Then 'Up to date'
    Else 'Out of date'
  End As [Patch Status],
  tsysIPLocations.IPLocation,
  tblAssetCustom.Manufacturer,
  tblAssetCustom.Model,
  tblLinuxSystem.OSRelease As OS,
  tblAssets.Lastseen,
  tblAssets.Lasttried,
  tblLinuxSoftware.LastChanged,
  Case
    When tblLinuxSoftware.Version Like '1.8.28%' Then '#d4f4be'
    Else '#ffadad'
  End As backgroundcolor
From tblAssets
  Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
  Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
  Inner Join tsysIPLocations On tsysIPLocations.LocationID =
    tblAssets.LocationID
  Inner Join tblState On tblState.State = tblAssetCustom.State
  Inner Join tblLinuxSoftware On tblAssets.AssetID = tblLinuxSoftware.AssetID
  Inner Join tblSoftwareUni On
    tblSoftwareUni.SoftID = tblLinuxSoftware.SoftwareUniID
  Inner Join tblLinuxSystem On tblAssets.AssetID = tblLinuxSystem.AssetID
Where tblSoftwareUni.softwareName Like 'sudo%' And tblState.Statename = 'Active'
Order By tblAssets.Domain,
  tblAssets.AssetName,
  Software

Audit and Take Action in 3 Easy Steps

Download-Install-Lansweeper

1. Download & Install Lansweeper

Download Lansweeper

Lansweeper-Network-Discovery

2. Scan Your Network

Configuring the First Run Wizard

Overview of Scanning Methods

Save-and-Run-the-Report

3. Run the Audit & Take Action

How to Run an Audit

Download Lansweeper to Run this Audit

Download Lansweeper

Product

Key Features

Company

Partners

Resources

Contact

Talk to Sales

Help Center

Get your hands on the latest news, vulnerability updates & network reports.
  • Hidden
  • This field is for validation purposes and should be left unchanged.
Facebook Twitter Youtube Linkedin Reddit