Thread: Security Security hole in Sudo's debug option closed
View Single Post
  #1   (View Single Post)  
Old 31st January 2012
J65nko J65nko is offline
Administrator
  
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,131
Default Security hole in Sudo's debug option closed
From http://h-online.com/-1425163

Quote:
A hole in the sudo command's debug options has been fixed by the developers. The problem, discovered by joernchen of phenoelit, affects sudo versions 1.8.0 to 1.8.3p1. The sudo command is used extensively by Linux distributions, Mac OS X and other Unix operating systems to allow users to execute commands with super user privileges without logging in as root, and is often heavily relied upon. The security hole appeared in version 1.8.0 when a new simple debugging option was added.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote