Sudo Flaw Opens Potential Security Risk for OS X, Linux

    Date09 Sep 2013
    CategoryHacks/Cracks
    16398
    Posted ByDave Wreski
    A security flaw in the command line tool sudo in OS X 10.7 and higher, as well as some Linux distributions, could give unauthorized root access to user's computers. The flaw was reported by Metasploit, a company that specializes in finding security issues and building utilities to point them out, but the steps needed to exploit this particular issue make it unlikely most Mac users will become victims before a patch is available. To take advantage of the exploit, an attacker needs to already have an administrator-level account on the Mac, physical or remote access to the machine, have already used the sudo command, and to set the system clock to January 1, 1970. The concoction needed to use the flaw makes it highly unlikely that the average Mac user will be at risk, but it does pose a potential threat in the IT work place, or for anyone that shares a Mac with someone that's command line-savvy.
    You are not authorised to post comments.

    LinuxSecurity Poll

    Do you reuse passwords across multiple accounts?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /component/communitypolls/?task=poll.vote
    13
    radio
    [{"id":"55","title":"Yes","votes":"4","type":"x","order":"1","pct":100,"resources":[]},{"id":"56","title":"No","votes":"0","type":"x","order":"2","pct":0,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.