[olug] Update Sudo

Reiners Cloud Consulting LLC justin at reiners.io
Thu Jan 28 09:28:54 CST 2021


CentOS Linux release 7.9.2009 (Core) (passed)
Ubuntu 20.04 LTS (seems vuln)


On Wed, Jan 27, 2021 at 8:16 PM Jeff Hinrichs - DM&T <jeffh at dundeemt.com>
wrote:

> ubuntu 18.04.5 -passed
> raspbian 9.13 - vuln
> freebsd11.4-RELEASE - passed
>
>
> On Wed, Jan 27, 2021 at 2:54 PM Anthony Kava <karver at forensic.coffee>
> wrote:
>
> > If you want to do a quick test (might have some false negatives) try
> this:
> >
> >   sudoedit -s '\' `perl -e 'print "A" x 65536'`
> >
> > Should segfault if vulnerable, return Usage message if not.  Again, not
> > sure if 100% but worked in anecdotal testing with Ubuntu 16.04, 20.4,
> > Raspbian, and CentOS 6 and 7.
> >
> > On Wed, Jan 27, 2021 at 2:24 PM Jon Larsen <jon at jonlarsen.us> wrote:
> >
> > > 10-year-old Sudo Bug Lets Linux Users Gain Root-Level Access
> > >
> > >
> >
> https://linux.slashdot.org/story/21/01/27/1820205/10-year-old-sudo-bug-lets-linux-users-gain-root-level-access
> > > _______________________________________________
> > > OLUG mailing list
> > > OLUG at olug.org
> > > https://www.olug.org/mailman/listinfo/olug
> > >
> >
> >
> > --
> > Kava
> > _______________________________________________
> > OLUG mailing list
> > OLUG at olug.org
> > https://www.olug.org/mailman/listinfo/olug
> >
>
>
> --
> Best,
>
> Jeff Hinrichs
> 402.320.0821
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> https://www.olug.org/mailman/listinfo/olug
>


-- 
Justin Reiners
Reiners Cloud Consulting LLC
I'm happy to be your local Omaha distributor for 3CX and SimpleHelp!
Contact me for info.


More information about the OLUG mailing list