Security researchers have revealed details of a vulnerability in Sudo that could be exploited by an attacker to gain root privileges on a wide range of Linux-based systems.
News of the security flaw was shared by Qualys, and it has been described as "perhaps the most significant sudo vulnerability in recent memory".
The much hyped Sudo security flaw allows attackers to bypass the previous iteration of sudo on most modern Linux distributions by just supplying specially crafted output. It wasn't immediately known if exploit code had been created, or if such exploit code had been demonstrated to the public.
To make matters worse, the vulnerability is so forthcoming that it is possible to bypass previous mitigation techniques. Hidden in the /etc/sudoers configuration file, the exploit code creates a link to malicious code in the /etc/sudoers.d directory. The link takes all privileges given by the attacker, making the file a key prize in the attack and a plausible path to attacks against the file.
Third party software vendors found the bug. The majority (80%) of the in-the-wild exploits of the security flaw have since been documented by researchers.
They released two software fixes combined with a patch for Sudo on CentOS 6 and Red Hat Enterprise Linux Server. Anyone who has run Sudo with the patches should be unaffected.
"The flaws may potentially affect all 32-bit versions of sudo since all 32-bit (and up to 64-bit, depending on magic numbers) Linux- and BSD-based OSs are vulnerable to the attack," Qualys identified in a statement. Please note that the SSH version of the vulnerability will have the most significant impacts."
The alternative to installing the patch is to force Sudo uninstallation. This requires user assistance and you can do so by using Control+F1.
Sudo is the standard used in building Kali Linux, Lumina products, political servers, and other niche source code-based systems. There is no patch for it available [1]. Instead, several mitigation strategies have been patched; details should be reviewed prior to use that are specific to the OS.
The first step, recommended by Qualys, is to enable phase 2 of the sudo firewall.
1. Enable sudo phase 2
Let me reiterate: in addition to the several compromises described above and the vulnerability which may also be on ISC Linux, Sever's writers would not be able to compromise the Kali OS. They use a foothold solely to bypass the ctaz (getsuser) vulnerability, which was patched by Ubuntu 8.04, 8.10, and 10.04 (that is, mitigated by a btrfs virtual filesystem hardening security patch [2]) because Kali security advisories are dated since 2008.
When I write 'ALL
News of the security flaw was shared by Qualys, and it has been described as "perhaps the most significant sudo vulnerability in recent memory".
The much hyped Sudo security flaw allows attackers to bypass the previous iteration of sudo on most modern Linux distributions by just supplying specially crafted output. It wasn't immediately known if exploit code had been created, or if such exploit code had been demonstrated to the public.
To make matters worse, the vulnerability is so forthcoming that it is possible to bypass previous mitigation techniques. Hidden in the /etc/sudoers configuration file, the exploit code creates a link to malicious code in the /etc/sudoers.d directory. The link takes all privileges given by the attacker, making the file a key prize in the attack and a plausible path to attacks against the file.
Third party software vendors found the bug. The majority (80%) of the in-the-wild exploits of the security flaw have since been documented by researchers.
They released two software fixes combined with a patch for Sudo on CentOS 6 and Red Hat Enterprise Linux Server. Anyone who has run Sudo with the patches should be unaffected.
"The flaws may potentially affect all 32-bit versions of sudo since all 32-bit (and up to 64-bit, depending on magic numbers) Linux- and BSD-based OSs are vulnerable to the attack," Qualys identified in a statement. Please note that the SSH version of the vulnerability will have the most significant impacts."
The alternative to installing the patch is to force Sudo uninstallation. This requires user assistance and you can do so by using Control+F1.
Sudo is the standard used in building Kali Linux, Lumina products, political servers, and other niche source code-based systems. There is no patch for it available [1]. Instead, several mitigation strategies have been patched; details should be reviewed prior to use that are specific to the OS.
The first step, recommended by Qualys, is to enable phase 2 of the sudo firewall.
1. Enable sudo phase 2
Let me reiterate: in addition to the several compromises described above and the vulnerability which may also be on ISC Linux, Sever's writers would not be able to compromise the Kali OS. They use a foothold solely to bypass the ctaz (getsuser) vulnerability, which was patched by Ubuntu 8.04, 8.10, and 10.04 (that is, mitigated by a btrfs virtual filesystem hardening security patch [2]) because Kali security advisories are dated since 2008.
When I write 'ALL
g
