Heap-based buffer overflow in sudo:
- exploitable by any local user (even non-sudoers)
- introduced in July 2011
- affects default configuration
@fribbledom Am I reading that right? Only if sudo is run ins shell mode with -s or -i options is this vulnerability exploitable?
I know! D:
I just saw the debian mailing list and almost freaked out..but then I remembered why I don't trust user-mode programs to be safe..
Haven't people always been able to just edit ~/.bashrc and put a line that adds some random folder to PATH ahead of /usr/bin with their own trojan version of "sudo"? (Or any other command?)
How can I test if I have vulnerable version?
To test if a system is vulnerable or not, login to the system as a non-root user.
Run command “sudoedit -s /”
If the system is vulnerable, it will respond with an error that starts with “sudoedit:”
If the system is patched, it will respond with an error that starts with “usage:”
Server run by the main developers of the project It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!