A huge collection of 3400+ free website templates JAR theme com WP themes and more at the biggest community-driven free web design site

Alerts

Cisco Security Updates

Cisco has released security updates to address vulnerabilities in VPN Routers. The exploitation of these vulnerabilities could allow an attacker to take control of an affected system.

Users and Administrators are encouraged to review Cisco Security Advisory and apply necessary updates.

Linux Sudo Package Elevation of Privilege Vulnerability- CVE-2021-3156

Linux Sudo Package Elevation of Privilege Vulnerability- CVE-2021-3156

Advisory No: TZCERT/SA/2021/02/03

Date of First Release: 03rd February 2021

Source: Sudo

Software Affected: 

Sudo versions 1.8.2 through 1.8.31p2 & 1.9.0 through 1.9.5p1

Overview:

A heap overflow vulnerability exists in sudo, a utility available in Unix operating systems. Successful exploitation of this vulnerability may allow an unprivileged user to gain root privileges, even though the user is not listed in the sudoers file.

Description:

The vulnerability is in the code that removes the escape characters, will read beyond the last character of a string if it ends with an unescaped backslash character. When sudo runs a command in shell mode, with -s or -i options, it escapes special characters in the command’s arguments with a backslash.

The attacker can use this bug to control the “user_args” size and cause a buffer overflow.

Impact:

Successful exploitation of the vulnerability could allow an unprivileged user to gain root privileges to the host system.

Solution:

There is no workaround for this vulnerability; however, users are advised to patch sudo to the latest stable version.

  • To test whether your version of sudo is vulnerable.

Type the following command; Sudoedit -s /

A vulnerable version of sudo will either prompt for a password or display an error similar to sudoedit: /: not a regular file

A patched version of sudo will display a statement like the following:

usage: sudoedit [-AknS] [-a type] [-C num] [-c class] [-D directory] [-g group]

                [-h host] [-p prompt] [-R directory] [-T timeout] [-u user]

                file …

References:

  1. https://www.sudo.ws/alerts/unescape_overflow.html 
  2. https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit

Apple Security Update

Apple has release security updates to address vulnerabilities in macOS Big Sur, Catalina, Mojave and Safari. Exploitation of these vulnerabilities may allow an attacker to take control of affected system.

Users and administrators are encouraged to review Apple Security Advisories HT212147 and HT212152 and apply necessary updates.

Foxit Security Update

Foxit has released security updates to address a vulnerability in Foxit Phantom and Foxit Reader for macOS. Exploitation of this vulnerability may allow an attacker to take control of affected system.

Users and administrators are encouraged to review Foxit Security advisory and apply necessary updates.

Ubuntu Security Update

Ubuntu has released security updates to address vulnerabilities in Linux kernel. Exploitation of these vulnerabilities may allow an attacker to take control of affected system.

Users and administrators are encouraged to review Ubuntu Security Advisory and apply necessary updates.