Vulnerability Development mailing list archives

Re: SuDo Program

From: Thai-Hai DINH <Thai-Hai.Dinh () CI UNIL CH>
Date: Fri, 9 Mar 2001 14:19:14 +0100

Debian not that long ago released on the sudo program saying that it
contained a buffer overflow that could possibly lead to root privileges.
Does anyone know where this buffer overflow lied at in the program? Just
wondering, thanks

Barry Russell

- --- Linux News ---------------------------------------------------------

*** {01.10.001} Linux - Update {01.09.005}: Sudo command line parameter
                buffer overflow

Debian has released updated sudo packages to fix the vulnerability
discussed in {01.09.005} ("Sudo command line parameter buffer
overflow").

Updated Debian DEBs are listed at:
http://archives.neohapsis.com/archives/vendor/2001-q1/0058.html
http://archives.neohapsis.com/archives/vendor/2001-q1/0063.html

Source: Debian
http://archives.neohapsis.com/archives/vendor/2001-q1/0058.html
http://archives.neohapsis.com/archives/vendor/2001-q1/0063.html
TH Dinh

Current thread:

SuDo Program Barry Russell (Mar 08)
- Re: SuDo Program Jose Nazario (Mar 08)
- Re: SuDo Program Thai-Hai DINH (Mar 09)