Sudo is a powerful utility included in most, if not all, Unix- and Linux-based operating systems. It allows a permitted user to execute a command as the superuser or another user, as specified by the security policy. This paper covers Unix-like systems that are vulnerable to a heap-based buffer overflow in sudo. The vulnerability went unnoticed for about ten years and affects unpatched versions of sudo from 1.8.2 to 1.8.31p2 and from 1.9.0 to 1.9.5p1.

Key Pointers:

  • Understanding the history of this vulnerability and how it works
  • Understanding the severity of this vulnerability, which has a CVSS score of 7.8
  • Mapping the vulnerable sudo versions and understanding the scope of impact
  • Preparing the prerequisites to set up the lab and demonstrate the exploitation
  • Learning about the mitigations to patch this vulnerability
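
The affected version ranges stated above can be turned into an inventory check for scoping impact. The following is an added example, not code from the paper; the helper names are hypothetical, and the host names and version strings in `SAMPLE_INVENTORY` are constructed.

```python
import re

# Affected upstream ranges as stated above (inclusive bounds).
AFFECTED_RANGES = [("1.8.2", "1.8.31p2"), ("1.9.0", "1.9.5p1")]

# sudo versions look like 1.8.31 or 1.8.31p2 (pN = patch level).
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)(?:p(\d+))?")


def parse_version(text):
    """Return (major, minor, micro, patch) from a version string or the
    first line of `sudo -V`. A missing pN suffix counts as patch level 0."""
    m = _VERSION_RE.search(text)
    if m is None:
        raise ValueError(f"no sudo version found in {text!r}")
    return tuple(int(part or 0) for part in m.groups())


def in_affected_range(text):
    """True if the upstream version falls inside one of the stated ranges."""
    version = parse_version(text)
    return any(parse_version(lo) <= version <= parse_version(hi)
               for lo, hi in AFFECTED_RANGES)


def hosts_to_review(inventory):
    """Return sorted host names whose reported version is in range.

    A match means "check the package changelog", not "confirmed
    vulnerable": distribution builds can carry the fix while keeping
    the upstream version number.
    """
    return sorted(h for h, line in inventory.items() if in_affected_range(line))


# Constructed sample data: host name -> first line of `sudo -V` output.
SAMPLE_INVENTORY = {
    "web01": "Sudo version 1.8.31",
    "db01": "Sudo version 1.9.5p2",
    "build01": "Sudo version 1.9.5p1",
    "legacy01": "Sudo version 1.8.1p2",
    "bastion": "Sudo version 1.8.32",
}

if __name__ == "__main__":
    for host in hosts_to_review(SAMPLE_INVENTORY):
        print(f"{host}: {SAMPLE_INVENTORY[host]} -> review")
```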