Rocksolid Light

Welcome to RetroBBS

mail  files  register  newsreader  groups  login

Message-ID:  

Your financial institution may impose additional fees and charges.


rocksolid / Security / Privilege escalation in sudo

SubjectAuthor
o Privilege escalation in sudoAnonymous

1
Privilege escalation in sudo

<opsec.772.3odeoq@anon.com>

 copy mid

https://rocksolidbbs.com/rocksolid/article-flat.php?id=199&group=rocksolid.shared.security#199

 copy link   Newsgroups: rocksolid.shared.security
Path: i2pn2.org!rocksolid2!def5!.POSTED.bogusentry!not-for-mail
From: poster@anon.com (Anonymous)
Newsgroups: rocksolid.shared.security
Subject: Privilege escalation in sudo
Date: Wed, 27 Jan 2021 08:14:35 -0800
Organization: def5
Message-ID: <opsec.772.3odeoq@anon.com>
Content-Type: text/plain; charset=UTF-8
Injection-Info: def5.org; posting-host="bogusentry:192.168.1.189";
logging-data="32569"; mail-complaints-to="usenet@def5.org"
 by: Anonymous - Wed, 27 Jan 2021 16:14 UTC

"A serious heap-based buffer overflow has been discovered in sudo that is exploitable by any local user. It has been given the name Baron Samedit by its discoverer. The bug can be leveraged to elevate privileges to root, even if the user is not listed in the sudoers file. User authentication is not required to exploit the bug. "

https://www.sudo.ws/alerts/unescape_overflow.html

Happy hacking.

--
Posted on def2

1
server_pubkey.txt

rocksolid light 0.9.7
clearnet tor