Oh ****… Sudo has a ‘make anyone root’ bug that needs to be patched – if you’re unlucky enough to enable pwfeedback

5 February 2020

Sudo, a standard tool on Unix-y operating systems that lets select users run some or all commands as root, can be exploited to give superpowers to any logged-in user – if deployed with a non-default configuration. This security hole, discovered by Joe Vennix at Apple Information Security, is only active if the pwfeedback option is enabled.

Read full article on The Register

Date:

5 February 2020

Categorie(s):

NEWS

Tag(s):

Sudo

With its new iPad, Apple’s Empire strikes back6 May 2024
Malware campaign attempts abuse of defender binaries6 May 2024
Microsoft unveils new security features for SOC teams to combat insider threats6 May 2024
BigID launches new hybrid scanning technology for enhance cloud data management6 May 2024
At RSA, Cisco launches bolsters in Security Cloud, built on Hypershield and Splunk6 May 2024