Sudo Bug Allowed Linux Users To Run Commands As Superuser Root
One such flaw was found in Sudo function, which is widely used to run programs, scripts and execute commands with root permissions. The flaw allows any script to be executed with root privileges without the user having root access.
The Sudo command (superuser do) is a widely used command in the Linux operating system. Sudo is responsible for handling superuser permissions. The flaw affects all the Sudo versions prior to the latest released version 1.8.28.
The vulnerability tracked as CVE-2019-14287 and discovered by Joe Vennix of Apple Information Security. The vulnerability surprisingly could be exploited by an attacker to run commands as root just by specifying user ID “-1” or “4294967295.”
myhost bob = (ALL, !root) /usr/bin/vi
sudo -u#-1 id -u OR sudo -u#4294967295 id -u
commands to execute vi with root privileges.
Please consider downloading Brave Browser by downloading Brave Browser through our website you won’t only be downloading a great privacy browser you will also be supporting (HackingVision.com). We are not using Google Ads as we respect our users privacy. We encourage you to use an Ad-blocker or a browser that has a built in ad-blocker and other privacy features such as VPN.
- Top 10 Phishing Tools - 10th April 2020
- Distributed Hash Cracking Hashcat Hashtopolis Tutorial - 30th March 2020
- Cracking Password Hashes with Hashcat Rule-based attack - 27th March 2020