Sudo Exploit – More Work for Sysadmins…

Lots of people will be doing this today…:

To test if your system is vulnerable, you have to login as a non-root user and run the “sudoedit -s /” command. Vulnerable systems will throw an error starting with “sudoedit:” while patched ones will display an error starting with “usage:”…:

The Qualys Research Team has discovered a heap overflow vulnerability in sudo, a near-ubiquitous utility available on major Unix-like operating systems. Any unprivileged user can gain root privileges on a vulnerable host using a default sudo configuration by exploiting this vulnerability.



Original article