BugTraq
Re: Re: Todd Miller Sudo local root exploit discovered by Slouching Mar 04 2010 04:11PM
noone nothing com (1 replies)
I believe what andy was alluding to was, why post on bugtraq with a subject Sudo local exploit discovered. Its not a sudo local root exploit, its an exploit in a misconfigured sudo file. You can post it as a new exploit technique for a misconfiguration, and i'm sure all the vuln and pen guys would be happy.

In my opinion, its a good technique to check for and i will use it in my arsenal of things to look for in terms of admin misconfigs but since its not in the default config on sudo, you'd have to e an idiot to not fully path out a commnd you are giving root access for...

Anyway think about how you phrase things next time.

[ reply ]
Re: Todd Miller Sudo local root exploit discovered by Slouching Mar 05 2010 12:32AM
Steve Shockley (steve shockley shockley net)


 

Privacy Statement
Copyright 2010, SecurityFocus