So, you (to my regular readers) remember my post where I mentioned why docker is easily hackable!!!
I also differentiated // between advantages of being rootless.
If you don't remember links of these articles, you can search these in my profile.
Coming to caption. Yes [sudo] has vulnerability named :
CVE-2021-3156.
So what is it?
It has been given the name Baron Samedit by its discoverer.
This could allow any unprivileged local user to gain root privileges on a vulnerable host (without authentication).
This vulnerability was present more than 10 years.
Though it only allows escalation of privilege and not remote code execution, CVE-2021-3156 could be leveraged by attackers who look to compromise Linux systems and have already managed to get access (e.g., through brute force attacks).
What to do?
1)
RUN :
sudoedit -s '\' `perl -e 'print "A" x 65536'
If you receive a usage or error message, sudo is not vulnerable. If the result is a Segmentation fault, sudo is vulnerable.
2)
Read this https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt
3)
Workaround:
None. Sudo version 1.9.5p2 or a patched vendor-supported version must be installed.
Fix:
The bug is fixed in sudo 1.9.5p2.
(Currently, I can't reply on dev.to . The reason moderators believe my one of reply to post was not in context with title of article. And believe it was as readers liked my reply 😂.
The reason I am not asking them to allow to lift ban as I believe it was one-sided decision taken by dev.to and after all portal belongs to them 😭.
So if you reply on this post... I won't be able to reply. Keep one side communication here if you like with me. However you can reply to others.)
Top comments (0)