Michel Kaempf <maxxat_private> writes: > -[ Vudo - An object superstitiously believed to embody magical powers ]- > > --------------[ Michel "MaXX" Kaempf <maxxat_private> ]-------------- > ----------------[ Copyright (C) 2001 Synnergy Networks ]---------------- > > > --[ 0x00 - Introduction ]----------------------------------------------- > > Sudo (superuser do) allows a system administrator to give certain users > (or groups of users) the ability to run some (or all) commands as root > or another user while logging the commands and arguments. > -- http://www.courtesan.com/sudo/index.html > > On February 19, 2001, Sudo version 1.6.3p6 was released: "This fixes > a potential security problem. So far, the bug does not appear to be > exploitable." Despite the comments sent to various security mailing > lists after the announce of the new Sudo version, the bug is not a > buffer overflow and the bug does not damage the stack. > > But the bug is exploitable: even a single byte located somewhere in the > heap, erroneously overwritten by a NUL byte before a call to syslog(3) > and immediately restored after the syslog(3) call, may actually lead to > execution of code as root. A working exploit for Red Hat Linux/Intel 6.2 > (Zoot) sudo-1.6.1-1 is attached at the end of this email and a complete > research paper on this issue and on general heap corruption techniques > will be released soon. Sudo was not part of the main Red Hat Linux 6.2 distribution, but was part of powertools. 1.6.3p6 was released as as a security errata earlier this year: http://www.redhat.com/support/errata/RHSA-2001-019.html -- Trond Eivind Glomsrød Red Hat, Inc.
This archive was generated by hypermail 2b30 : Thu Jun 07 2001 - 10:30:53 PDT