|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Slackware Local Security Checks >> SSA- sudo upgrade fixes a potential vulnerability Vulnerability Assessment Details
|
SSA- sudo upgrade fixes a potential vulnerability |
||
SSA sudo upgrade fixes a potential vulnerability Detailed Explanation for this Vulnerability Assessment New sudo packages are available to fix a security problem which may permit users to become root, or to execute arbitrary code as root. Here's the information from the Slackware 8.0 ChangeLog: ---------------------------- Thu Apr 25 12:00:50 PDT 2002 patches/packages/sudo.tgz: Upgraded to sudo-1.6.6. This version of sudo fixes a security problem whereby a local user may gain root access through corruption of the heap (Off-By-Five). This issue was discovered by Global InterSec LLC, and more information may be found on their web site: http://www.globalintersec.com/adv/sudo-2002041701.txt The discussion on the site indicates that this problem may only be exploitable on systems that use PAM, which Slackware does not use. However, in the absence of proof, it still seems prudent to upgrade sudo immediately. (* Security fix *) ---------------------------- Networks Security ID: Vulnerability Assessment Copyright: This script is Copyright (C) 2005 Michel Arboi |
||
Cables, Connectors |
Vintage Apple Macintosh SE Case - Empty Shell - Housing retro project
$60.00
Vintage Apple IIGS Computer A2S6000 w/ 5.25 & 3.5 Floppy Drives Tested Working
$299.99
Vintage Apple LisaDraw Brochure, very nice condition
$40.00
Apple Mac Powerbook Duo 230 Vintage Laptop
$60.00
Vintage Apple Macintosh PowerBook 100 AC Power Adapter M5651 (APS-20U) | AP45
$16.99
Vintage Apple Macintosh II 2 M5000 Computer no power very nice w drives card
$350.00
Vintage Apple Macintosh Power Supply Part Number 631-5105-A
$39.99
Vintage Apple Joystick IIe and IIc A2M2012, 2 Button - Untested
$79.99
VINTAGE APPLE MACINTOSH IIci DESKTOP COMPUTER - POWERS ON NO FURTHER TESTING
$149.99
MacEffects Gray ALPS Mechanical Keyboard for Vintage Apple IIe Computers
$195.00
|
||
No Discussions have been posted on this vulnerability. |