SUDO is a Unix application that enables the system administrators to yield limited root rights to regular users who admitted in the sudoers file, while at the same time gripping a log of their all actions.
Recently, a now-fixed Sudo vulnerability has been released that allows any local user to gain access to the root privileges on Unix-like operating systems without needing any kind of authentication.
It acts on the principle of most limited privilege, where the program provides enough permission to the people so that they can get their jobs done without negotiating the overall protection of the system.
CVE ID: CVE-2021-3156
Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, enabling all kinds of privilege escalation to root via “sudoedit with -s or -i flags” and provide a command-line argument that concludes with a single backslash character.
Root Privileges For Any Local User
This vulnerability was revealed by the security researchers from Qualys, who revealed it on January 13th…