[afnog] major sudo vulnerability

Noah noah at neo.co.tz
Thu Feb 4 19:04:12 UTC 2021


Hi Pokui,

Thanks a lot for the heads up.

*./noah*
neo - network engineering and operations


On Thu, Jan 28, 2021 at 9:13 PM Patrick Okui <pokui at psg.com> wrote:

> Hi all,
>
> You may have seen the news about a couple of bugs in sudo.
> https://www.theregister.com/2021/01/26/qualys_sudo_bug/ is a good
> summary.
>
> Long story short any user on your system (not necessarily an admin) can
> become root without a password (amongst other issues).
>
> Updates have made it out for most systems; you should update any
> multiuser systems as soon as possible.
>
>
> --
> patrick
>
> ps: if you’re looking for the full details you can read
>
> https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt
>
> _______________________________________________
> afnog mailing list
> https://www.afnog.org/mailman/listinfo/afnog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.afnog.org/pipermail/afnog/attachments/20210204/b7d127e7/attachment.html>


More information about the afnog mailing list