Описание
sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by "/home///file.txt."
Ссылки
- ExploitIssue Tracking
- Third Party Advisory
- Third Party Advisory
- Release NotesVendor Advisory
- Third Party Advisory
- ExploitThird Party Advisory
- ExploitIssue Tracking
- Third Party Advisory
- Third Party Advisory
- Release NotesVendor Advisory
- Third Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
EPSS
7.2 High
CVSS2
Дефекты
Связанные уязвимости
sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by "/home/*/*/file.txt."
sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by "/home/*/*/file.txt."
sudoedit in Sudo before 1.8.15 allows local users to gain privileges v ...
sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by "/home/*/*/file.txt."
EPSS
7.2 High
CVSS2