Dec 23, 2019
In October of 2019, a flaw was found in sudo, a core command utility that is an integral part of all Linux distributions. This vulnerability allows Linux users to gain access as a root (admin) user and run commands that would otherwise be restricted to them. With a low level of difficulty for exploitation and a CVSS score of 7.8, this sudo flaw is the real deal.
Ordinarily, sudo lets system administrators grant certain users the ability to run commands as any user without having to log in to a different profile every time. Administrators can also deny root access to certain users, or at least they could until now.
The sudo flaw originates from the way sudo handles user IDs. The vulnerability is triggered when the negative user ID, -1 or its unsigned equivalent 4294967295, is used, giving the attacker root access. And since these user IDs don’t exist in the password database, it doesn’t require a password for use. Any attacker who has sudo access is able to exploit this flaw.
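The equivalence of -1 and 4294967295 described above comes from how a numeric ID string is converted to `uid_t`. The following C code is an added example, not sudo's own code: `parse_uid_naive` and `parse_uid_strict` are hypothetical names, the inputs are constructed, and it assumes a Linux system where `uid_t` is an unsigned 32-bit type.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>

/* Naive conversion (hypothetical, for contrast): the signed result is cast
 * straight to uid_t, so "-1" silently becomes 4294967295. */
static uid_t parse_uid_naive(const char *s)
{
    return (uid_t)strtoll(s, NULL, 10);
}

/* Strict conversion: returns 0 and stores the ID on success, -1 on rejection.
 * (uid_t)-1 is refused because setreuid(2)/setresuid(2) treat it as
 * "leave this ID unchanged", so it never names a real account. */
static int parse_uid_strict(const char *s, uid_t *out)
{
    char *end;
    long long v;

    if (s == NULL || *s < '0' || *s > '9')   /* no sign, space or empty string */
        return -1;
    errno = 0;
    v = strtoll(s, &end, 10);
    if (errno != 0 || *end != '\0')          /* overflow or trailing junk */
        return -1;
    if (v >= (long long)(uid_t)-1)           /* the sentinel and anything above it */
        return -1;
    *out = (uid_t)v;
    return 0;
}

int main(void)
{
    /* Constructed sample inputs. */
    const char *samples[] = { "0", "1000", "-1", "4294967295", "12abc" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        uid_t u = 0;
        int rc = parse_uid_strict(samples[i], &u);
        printf("%-12s naive=%lu strict=%s\n", samples[i],
               (unsigned long)parse_uid_naive(samples[i]),
               rc == 0 ? "accepted" : "rejected");
    }
    return 0;
}
```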
This means trouble for any CISOs whose organizations use Linux machines. Being able to become a root user with just a couple of clicks means endless opportunities for an attacker. Linux did patch the vulnerability in its latest version, but the distributions still need to roll it out to their users. It is recommended that CISOs go ahead and update manually, so they are not stuck waiting for the update from their distribution.
With Vicarius’ TOPIA, an advanced AI-driven platform, CISOs and key security personnel are alerted about critical patches and vulnerabilities in real time, so they don't need to go through endless lists of vulnerabilities and can deal only with what matters. Instead of patching everything (which never works), focus on what matters right now.