Back to list
Re: Re: Todd Miller Sudo local root exploit discovered by Slouching
Mar 04 2010 04:11PM
noone nothing com
Re: Todd Miller Sudo local root exploit discovered by Slouching
Mar 05 2010 12:32AM
Steve Shockley (steve shockley shockley net)
On 3/4/2010 11:11 AM, noone (at) nothing (dot) com [email concealed] wrote:
> Its not a sudo local root exploit, its an exploit in a misconfigured sudo file.
If it's a misconfiguration, then why'd they release a patch?
Major changes between version 1.7.2p3 and 1.7.2p4:
* Fix a bug that could allow users with permission to run sudoedit
to run arbitrary commands.
[ reply ]
Copyright 2010, SecurityFocus