Security News > 2021 > January > Ten-Year-Old Sudo Vulnerability Gives Root Privileges on Host
A major security hole in the Sudo utility could be abused by unprivileged users to gain root privileges on the vulnerable host, Qualys reports.
Designed to allow users to run programs with the security privileges of another user, Sudo is present in major Unix- and Linux-based operating systems out there.
Tracked as CVE-2021-3156, the recently identified vulnerability, which Qualys refers to as "Baron Samedit," was introduced in July 2011, and can be exploited to gain root privileges using a default Sudo configuration.
Qualys' security researchers said they came up with exploit variants to obtain full root privileges on Linux distributions such as Debian 10, Fedora 33, and Ubuntu 20.04, but noted that other operating systems and distributions that rely on Sudo might be affected as well.
Sudo v1.9.5p2 resolves the vulnerability.
In the pwfeedback option in Sudo was also found to provide attackers with elevated privileges on an affected machine.
News URL
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-26 | CVE-2021-3156 | Off-by-one Error vulnerability in multiple products Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character. local low complexity sudo-project fedoraproject debian netapp mcafee synology beyondtrust oracle CWE-193 | 7.8 |