Anyone who has used Linux long enough is familiar with sudo. Short for superuser do (or substitute user do, depending on who you ask), it allows users to run commands as either root or another user on the system. From a hacker's point of view, sudo is often all that stands between them and root access. We'll be exploring an older vulnerability in sudo that allows a user to run commands as root.
Am I Vulnerable?
Sudo is a command-line utility used on nearly every Linux system that allows admins to give specific users or groups the ability to run commands as root, or in some cases, other users.
A vulnerability (CVE-2019-14287) published in October 2019 allowed users to execute commands as root on systems that explicitly deny root access but allow the user to run commands as another user. The issue arose from the way sudo treats certain user ID numbers, incorrectly interpreting them as the ID of root.
Sudo versions before 1.8.28 are affected (it was patched fairly quickly after its discovery), so older versions should be upgraded as soon as possible. To check if your version is vulnerable, simply run sudo with the -V switch to display the current version:
~# sudo -V Sudo version 1.8.27
While the specific configuration of sudo seen above isn't the most common, it is certainly not unheard ..
Support the originator by clicking the read the rest link below.
