Home page logo

bugtraq logo Bugtraq mailing list archives

Re: [security () suse de] [XNUXER-SECURITY] Root Privilige Escalation in Sudo version 1.6.8p7 without Password, SuSE 9.3
From: "Todd C. Miller" <Todd.Miller () courtesan com>
Date: Tue, 31 May 2005 11:10:17 -0600

In message <20050531085218.GA10534 () suse de>
        so spake Marcus Meissner (meissner):

I cannot reproduce this in the default installation of sudo in SUSE Linux

Sudo catches SIGINT and returns an empty string for the password
so I don't see how this could happen unless the user's actual
password was empty.  I suppose some kind of PAM misconfiguration
is also possible.

 - todd

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]