Dec 23, 2019
In October of 2019, a flaw was found in sudo, a core command utility that is an integral part of all Linux distributions. This vulnerability allows Linux users to gain access as a root (admin) user and run commands that would otherwise be restricted to them. With a low level of difficulty for exploitation and a CVSS score of 7.8, this sudo flaw is the real deal.
Ordinarily, sudo is used to allow system administrators to grant access to certain users and give them the ability to run commands as any user without having to go through the process of logging in to a different profile every time. Administrators can also prevent root access to certain users, until now.
The sudo flaw originates from the way sudo handles user IDs. The vulnerability is triggered when the negative user ID, -1 or its unsigned equivalent 4294967295, is used, giving the attacker root access. And since these user IDs don’t exist in the password database, it doesn’t require a password for use. Any attacker who has sudo access is able to exploit this flaw.
This means trouble for any CISOs whos organization uses Linux machines. Being able to become a root user with just a couple of clicks means endless opportunities for an attacker. Linux did patch the vulnerability in its latest version, but their distributions still need to roll it out to their users. It is recommended that CISOs go ahead and update manually, so they are not stuck waiting for the update from their distribution.
With Vicarius’ TOPIA -- an advanced AI-driven platform, CISOs and key security personnel are being alerted about critical patches and vulnerabilities in real time, so that they don't need to go through endless lists of vulnerabilities, but only deal with what matters. Instead of patching everything (which never works), focus on what matters right now.
Most Common Mac MalwareKent Weigle April 23, 2021
Are Macs Safe from Spyware?Kent Weigle April 23, 2021
Mac User? Pay Attention to These ThreatsKent Weigle April 23, 2021
Mac Ransomware: Fact or FictionKent Weigle April 22, 2021
Macs are Vulnerable, TooKent Weigle April 21, 2021