On Tue, 2005-05-31 at 13:02 +0700, Xnuxer Security wrote: > Today, 31 May 2005, I found error with root privilige escalation in > Sudo version 1.6.8p7 that package installed with SuSE 9.3. Testing in > my machine, sudo appear not check is true when I press CTRL + C with > blank password and giving status SID as root privilige to SID user. I > got successful as root without need a password but only use blank > password and press CTRL + C. Please check my testing below in my SuSE > 9.3 box: > Other sudo version is not check yet, about affect in other distro of > linux not check too but possible vulnerable, please check it. SuSE > Security still contacted by me. Gentoo. version of sudo is 1.6.7p5. Not affected -- Ow Mun Heng Gentoo/Linux on DELL D600 1.4Ghz 1.5GB RAM 98% Microsoft(tm) Free!! Neuromancer 00:35:11 up 1 day, 2:36, 6 users, load average: 0.29, 0.68, 0.66
