Sudo upgrade the micro-application immediately

A large which affects the eco Linux επιδιορθώθηκε από χθες το βράδυ στο Sudo, μια εφαρμογή που επιτρέπει στους διαχειριστές να δίνουν περιορισμένη πρόσβαση root σε άλλους .

The vulnerability, which has as its identifier the CVE-2021-3156, is better known as “Baron Samedit”, and was discovered by the security company Qualys before weeks. Fixed as of last night with the release of sudo v1.9.5p2 (update immediately).

In a simple explanation provided by the Sudo team, Baron Samedit error can be exploited by an attacker who has access to a low privileged account to gain root access, even if the account is not listed in / etc / sudoers - a configuration file that controls which users are allowed access to the su or sudo commands.

For technical details see reference Qualys or the video below.

While two other Sudo security vulnerabilities have been uncovered in the last two years, the error being uncovered today is far more dangerous.

The previous two , CVE-2019-14287 and CVE-2019-18634, were difficult to utilize because they required complex and non-standard sudo settings.

Things are different for the bug revealed today, because it affects all Sudo installations where there are sudoers (/ etc / sudoers) - which is usually found on most default Linux installations - Sudo.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).