Does CVE-2021-3156 affect One Identity Products? Sudo before 1.9.5p2 has a Heap-based Buffer Overflow. (4263275)

Tchater maintenant avec le support

Retour

Commentaire envoyé

Cet article vous a-t-il à résoudre un problème ?

Sélectionner une évaluation

Titre

Does CVE-2021-3156 affect One Identity Products? Sudo before 1.9.5p2 has a Heap-based Buffer Overflow.
Description

CVE-2021-3156 - Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
For more information please see the National Vulnerability Database or the Common Vulnerabilities and Exposures entries.
Is Safeguard Authentication Services or Safeguard for Sudo affected by this defect?
Résolution

RESOLUTION:
The products Safeguard Authentication Services and Safeguard for Sudo either provide tools for managing Sudoers entries or tracking input and output logging for auditing purposes. Both products work within existing Sudo installations, extending their functionality and security. One Identity does not provide the Sudo product itself and therefore the vulnerability does not exist within these One Identity products.

One Identity recommends working with your Operating System vendor or Sudo vendor to ensure you have the latest patched version of Sudo for your environment.

Commentaire envoyé

Cet article vous a-t-il à résoudre un problème ?

Sélectionner une évaluation

Contenu recommandé

Produit(s) :: Safeguard Authentication Services
5.1, 5.0.7, 5.0.6, 5.0.5, 5.0.4, 5.0.3, 5.0.2, 5.0.1, 5.0, 4.2.5, 4.2.4, 4.2.3, 4.2.2, 4.2.1, 4.2; Safeguard for Sudo
7.2.1, 7.2, 7.1.1, 7.1, 7.0, 6.1.1, 6.1, 2.0, 1.0

Historique de l’article :: Créé le : 1/27/2021
Dernière mise à jour le : 5/7/2023

Titre