Bugtraq mailing list archives
Re: Todd Miller Sudo local root exploit discovered by Slouching
From: Steve Shockley <steve.shockley () shockley net>
Date: Thu, 04 Mar 2010 19:32:28 -0500
On 3/4/2010 11:11 AM, noone () nothing com wrote:
Its not a sudo local root exploit, its an exploit in a misconfigured sudo file.
If it's a misconfiguration, then why'd they release a patch? From http://www.sudo.ws/sudo/stable.html: Major changes between version 1.7.2p3 and 1.7.2p4:* Fix a bug that could allow users with permission to run sudoedit to run arbitrary commands.
Current thread:
- Todd Miller Sudo local root exploit discovered by Slouching Kingcope (Mar 02)
- Re: Todd Miller Sudo local root exploit discovered by Slouching andy (Mar 03)
- Re: Todd Miller Sudo local root exploit discovered by Slouching Kingcope (Mar 03)
- Re: Todd Miller Sudo local root exploit discovered by Slouching Jann Horn (Mar 03)
- <Possible follow-ups>
- Re: Re: Todd Miller Sudo local root exploit discovered by Slouching noone (Mar 04)
- Re: Todd Miller Sudo local root exploit discovered by Slouching Steve Shockley (Mar 05)
- Re: Todd Miller Sudo local root exploit discovered by Slouching andy (Mar 03)