Author Topic: Linux sudo flaw (CVE-2019-14287) (Read 1718 times)

Rudock1 · « **on:** October 16, 2019, 08:13:01 AM »

Hi all,

Just thought I'd share a recent article about sudo. I realize our TC approaches root, su and sudo differently than most other distributions, but I'd appreciate hearing from our resident experts with any opinions, concerns or suggestions.

https://thehackernews.com/2019/10/linux-sudo-run-as-root-flaw.html

thx
Billy

curaga · « **Reply #1 on:** October 16, 2019, 10:14:14 AM »

That vulnerability lets you become root with sudo, if the config is set such that you can become another non-root user but not root. Our config, like that of most distros, lets you become root only; further, there is no password for it by default, so this vuln doesn't really concern TC.

vinceASPECT · « **Reply #2 on:** October 17, 2019, 02:09:49 PM »

Yes ........forum,

There are vulnerability's abound. That is how all the worlds handhelds are vulnerable. Billions of devices. Due to CPU vulnerability's.

The same is true of Msoft. The free Hirens Boot CD ....allows (with simple usage) a novice user to access any windows networked machines. Simply bypassing all manners of security logins at ***any*** level.

Just put my 2 cents....... sudo Gone to SPECSAVERS........( jokin)

Vince.

Tiny Core Linux

News:

Author Topic: Linux sudo flaw (CVE-2019-14287) (Read 1718 times)

Rudock1

Linux sudo flaw (CVE-2019-14287)

curaga

Re: Linux sudo flaw (CVE-2019-14287)

vinceASPECT

Re: Linux sudo flaw (CVE-2019-14287)