Bugtraq mailing list archives
Re: [security () suse de] [XNUXER-SECURITY] Root Privilige Escalation in Sudo version 1.6.8p7 without Password, SuSE 9.3
From: "Todd C. Miller" <Todd.Miller () courtesan com>
Date: Tue, 31 May 2005 11:10:17 -0600
In message <20050531085218.GA10534 () suse de> so spake Marcus Meissner (meissner):
I cannot reproduce this in the default installation of sudo in SUSE Linux 9.3.
Sudo catches SIGINT and returns an empty string for the password so I don't see how this could happen unless the user's actual password was empty. I suppose some kind of PAM misconfiguration is also possible. - todd
Current thread:
- [XNUXER-SECURITY] Root Privilige Escalation in Sudo version 1.6.8p7 without Password, SuSE 9.3 Xnuxer Security (May 31)
- Re: [security () suse de] [XNUXER-SECURITY] Root Privilige Escalation in Sudo version 1.6.8p7 without Password, SuSE 9.3 Marcus Meissner (May 31)
- Re: [security () suse de] [XNUXER-SECURITY] Root Privilige Escalation in Sudo version 1.6.8p7 without Password, SuSE 9.3 Todd C. Miller (May 31)
- Re: [security () suse de] [XNUXER-SECURITY] Root Privilige Escalation in Sudo version 1.6.8p7 without Password, SuSE 9.3 Justin (May 31)
- Re: [XNUXER-SECURITY] Root Privilige Escalation in Sudo version 1.6.8p7 without Password, SuSE 9.3 Ow Mun Heng (May 31)
- Re: [security () suse de] [XNUXER-SECURITY] Root Privilige Escalation in Sudo version 1.6.8p7 without Password, SuSE 9.3 Marcus Meissner (May 31)