Will you return to the office? Would you prefer to stay working from home? Or are you looking to offer your staff a mix of both?Read More
Vendor: VMware Product: LinuxComponent: SudoDate: 26th January 2021Target: IT Managers, SysOps
What's newAny user with login access to a Linux OS can utilise a Buffer Overflow to gain administrative access to the system using Sudo.
How does this affect me?
- If you are running the following version of Sudo then you are affected: -
- All legacy versions from 1.8.2 to 1.8.31p2
- All stable versions from 1.9.0 to 1.9.5p1
What do I need to do?
- As per Qualys's instructions, to test if your system is vulnerable, login as a non-root user and run command: -
sudoedit -s /If the system is vulnerable, it will respond with an error that starts with “sudoedit:”If the system is patched, it will respond with an error that starts with “usage:”
- If you are vulnerable update Sudo or your OS.