Vulnerability allows to run commands as root on Linux and macOS systems

A researcher of Apple security has found a vulnerability in sudo utility that could allow to execute arbitrary commands with administrative privileges on Linux or macOS systems.

Sudo is a core command that is pre-installed on macOS and almost every UNIX or Linux-based operating system. The problem stems from a stack-based buffer overflow issue that resides in Sudo versions before 1.8.26. It can be exploited when the „pwfeedback“ option is enabled in the sudoers configuration file.

You can disable the vulnerable component by changing „Defaults pwfeedback“ to „Defaults !pwfeedback“ in the sudoers configuration file.

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert.

en_USEnglish de_DEDeutsch