Dec 23, 2019
In October 2019, a flaw was found in sudo, a core command utility that is an integral part of all Linux distributions. This vulnerability allows Linux users to gain access as the root (admin) user and run commands that would otherwise be off-limits to them. With a low level of difficulty for exploitation and a CVSS score of 7.8, this sudo flaw is the real deal.
Ordinarily, system administrators use sudo to grant certain users the ability to run commands as any user without having to log in to a different profile every time. Administrators can also deny root access to certain users, or at least they could until now.
The sudo flaw originates from the way sudo handles user IDs. The vulnerability is triggered when the negative user ID, -1 or its unsigned equivalent 4294967295, is used, giving the attacker root access. And since these user IDs don’t exist in the password database, it doesn’t require a password for use. Any attacker who has sudo access is able to exploit this flaw.
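For defenders, the two ID values named above are something to hunt for in sudo's logs. The following Python sketch is an added example, not code from sudo or Vicarius: it parses sudo log lines and flags any run-as user that reduces to 4294967295 as a 32-bit unsigned value. The log lines are constructed, and the exact way sudo writes the USER field is an assumption, so the `#-1`, `#4294967295` and bare-number spellings are all handled.

```python
import re

UID_WRAP = 2 ** 32        # Linux user IDs are 32-bit unsigned values
SENTINEL = UID_WRAP - 1   # 4294967295, the unsigned equivalent of -1

# Constructed sample lines in sudo's usual syslog layout (not real logs).
SAMPLE_LOG = [
    "Oct 15 10:02:11 host1 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/apt update",
    "Oct 15 10:05:42 host1 sudo:      bob : TTY=pts/1 ; PWD=/home/bob ; USER=#-1 ; COMMAND=/usr/bin/id",
    "Oct 15 10:06:03 host1 sudo:      bob : TTY=pts/1 ; PWD=/home/bob ; USER=#4294967295 ; COMMAND=/usr/bin/vi /etc/hosts",
    "Oct 15 10:07:00 host1 sudo:    carol : TTY=pts/2 ; PWD=/srv ; USER=#1001 ; COMMAND=/usr/bin/whoami",
]

SUDO_RE = re.compile(r"sudo(?:\[\d+\])?:\s+(?P<invoker>\S+)\s+:\s+(?P<rest>.*)")

def parse_fields(rest):
    """Turn 'TTY=.. ; PWD=.. ; USER=.. ; COMMAND=..' into a dict."""
    # COMMAND is always last and may itself contain ';', so split it off first.
    head, _, command = rest.partition("COMMAND=")
    fields = {"COMMAND": command.strip()}
    for part in head.split(";"):
        key, sep, value = part.partition("=")
        if sep:
            fields[key.strip()] = value.strip()
    return fields

def target_uid(user_field):
    """Numeric run-as ID reduced to unsigned 32 bits, or None for a name."""
    try:
        return int(user_field.lstrip("#"), 10) % UID_WRAP
    except ValueError:
        return None  # ordinary account name such as 'root'

def find_suspicious(lines):
    """Return (invoker, USER field, command) for every run-as ID equal to -1."""
    hits = []
    for line in lines:
        match = SUDO_RE.search(line)
        if not match:
            continue
        fields = parse_fields(match.group("rest"))
        if target_uid(fields.get("USER", "")) == SENTINEL:
            hits.append((match.group("invoker"), fields["USER"], fields["COMMAND"]))
    return hits

if __name__ == "__main__":
    for invoker, user, command in find_suspicious(SAMPLE_LOG):
        print(f"ALERT: {invoker} ran {command!r} as {user}")
```

Point `find_suspicious` at the lines of your own auth log (its location varies by distribution) to review past sudo activity on hosts that have not yet been updated.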
This means trouble for any CISO whose organization uses Linux machines. Being able to become a root user with just a couple of clicks means endless opportunities for an attacker. Linux did patch the vulnerability in its latest version, but the distributions still need to roll it out to their users. It is recommended that CISOs go ahead and update manually, so they are not stuck waiting for the update from their distribution.
With Vicarius’ TOPIA, an advanced AI-driven platform, CISOs and key security personnel are alerted about critical patches and vulnerabilities in real time, so they don't need to go through endless lists of vulnerabilities and can deal only with what matters. Instead of patching everything (which never works), focus on what matters right now.