<html><head></head><body>A good reason to only give sudo to specific commands and deny it to all editor tools.<br><br><br>Yeah. More updates.<br><br><div class="gmail_quote">On January 26, 2021 4:40:56 PM EST, "Beddingfield, Allen via Ale" &lt;ale@ale.org&gt; wrote:<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<pre class="k9mail">This one is pretty nasty.  Essentially, any unprivileged user can exploit it.  For those of us who manage large web environments, that is particularly concerning, since PHP shells seem to be a favorite trick of the script kiddies.<br><br><a href="https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit">https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit</a><br><br>Allen B.<br>--<br>Allen Beddingfield<br>Systems Engineer<br>Office of Information Technology<br>The University of Alabama<br>Office 205-348-2251<br>allen@ua.edu<br></pre></blockquote></div><br>-- <br>Computers amplify human error<br>Super computers are really cool</body></html>