This way, users don't have to have too many higher-level privileges which could be abused, but they can perform certain administrator-level tasks without logging in as root (the superuser account). Sudo is based on the principle of least privilege, where users receive just enough permissions to get their work done and have to request elevated privileges on a task-by-task basis.
CVE 2019 18634 EXPLOIT CODE
The code containing the buffer overflow was introduced into sudo back in 2011, so it affects all legacy versions from 1.8.2 to 1.8.31p2 and all stable versions from 1.9.0 to 1.9.5p1 in their default configuration. "Other operating systems and distributions are also likely to be exploitable," Qualys said in its advisory. Qualys coordinated with major distributions to fix the flaw, CVE-2021-3156 (Baron Samedit), and made the details of the vulnerability public after both Ubuntu and Red Hat had released the fixed version of Sudo. Researchers have developed exploit variants for Debian 10 (Sudo 1.8.27), Ubuntu 20.04 (Sudo 1.8.31), and Fedora 33 (Sudo 1.9.2). Qualys said the flaw impacts all Sudo installs using the sudoers file-which is the case for many Linux systems. The regular user account also does not need to know the password in order to exploit the vulnerability. The vulnerability allows a regular user on a system to gain root access, even if the account is not listed as one of the authorized accounts in the /etc/sudoers configuration file. Some of the smaller distributions may not yet have incorporated the fix. While most major Linux distributions have released fixed versions of sudo, administrators still have to verify their systems are protected.
Researchers from Qualys uncovered a major vulnerability in an application that allows administrators to delegate limited root access to regular users.
0 kommentar(er)
