Описание
parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command.
Ссылки
- Broken Link
- Broken Link
- Not Applicable
- Not Applicable
- Not Applicable
- Not Applicable
- Broken Link
- ProductRelease Notes
- Broken Link
- Not Applicable
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryVDB Entry
- Broken Link
- Third Party Advisory
- Permissions Required
- Issue TrackingPermissions Required
- Broken Link
- Broken Link
Уязвимые конфигурации
Одно из
EPSS
7.8 High
CVSS3
6.9 Medium
CVSS2
Дефекты
Связанные уязвимости
parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command.
parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command.
parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret ...
parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command.
EPSS
7.8 High
CVSS3
6.9 Medium
CVSS2