April 19, 2001

Update to sudo

Author: JT Smith

Posted at LWN.net: The setuid application sudo(8) allows a user to execute commands under
the privileges of another user (including root).
sudo(8) previous to version 1.6.3p6 is vulnerable by a buffer overflow
in it's logging code, which could lead to local root compromise.

There is no exploit known to be public.
A useful workaround isn't possible, the only fix is to install the new
sudo packages.


  • Linux
Click Here!