SecureMac, Inc.

Sudo for Mac OS X has been found vulnerable to buffer overflows

June 2, 2001

What is sudo?

Sudo (superuser do) is a piece of software that allows a system administrator to give certain users or groups the ability to run commands as root or another user.

Sudo is available with almost all Unix-based operating systems, including Mac OS X.

The Problem

On 4.23.2K1 FreeBSD, Inc. released a security advisory warning users that all versions of sudo prior to version 1.6.3.7 contain a local command-line buffer overflow, allowing a local user to potentially gain increased privileges on the local system.

Mac OS X 10.0.4 DOES include a fixed version of sudo, so make sure you update Mac OS X. Alternatively, the authors of sudo have released a patch, and with the freedom of open source, Scott Anguish has created a custom Mac OS X installation application to fix sudo.

Download Fix:

Sudo Upgrade Installer for Mac OS X by Scott Anguish

Building sudo

If you choose not to use the packaged installer above and build sudo yourself instead, you must have the developer tools installed!

Scott Anguish has written full instructions and documentation on how to fix and build sudo; read them at the Stepwise website!

Please note that Mac OS X 10.0.2 does not include a fixed version of sudo, so you must apply the changes yourself.
