Описание
Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a command line containing a "-u root" sequence.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Одно из
EPSS
6.2 Medium
CVSS2
Дефекты
Связанные уязвимости
Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a command line containing a "-u root" sequence.
Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a command line containing a "-u root" sequence.
Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not ...
Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a command line containing a "-u root" sequence.
EPSS
6.2 Medium
CVSS2