Enhance cybersecurity awareness and survivability for DoD, industry partners, and academia in the face of the ever-increasing threat of cyber attacks. Cybersecurity (CS) includes managing risks related to the use, processing, storage, and transmission of information and the systems and processes used for those purposes, including analog and physical form. CS includes information availability, identification and authentication, confidentiality, integrity, and non-repudiation as well as the economic considerations with respect to selection of CS techniques, CS processes, and industry trends.
Major SUDO Flaw
Even though restrictions may be set up, malicious users could still bypass security and run commands as root. To exploit the bug you just have to specify the user ID “-1” or “4294967295” because the function to convert user ids into their usernames incorrectly treats -1, or 4294967295, like 0, which is always the user ID of root user.
This was discovered by Joe Vennix of Apple Information.
You must be logged in to reply to this topic.