CVE-2016-7032

Опубликовано: 14 апр. 2017

Источник: nvd

CVSS3: 7

CVSS2: 6.9

EPSS Низкий

Описание

sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the (1) system or (2) popen function.

Ссылки

http://rhn.redhat.com/errata/RHSA-2016-2872.html
http://www.securityfocus.com/bid/95776
Third Party Advisory
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=1372830
Issue Tracking
Third Party Advisory
VDB Entry
https://usn.ubuntu.com/3968-3/
https://www.sudo.ws/alerts/noexec_bypass.html
http://rhn.redhat.com/errata/RHSA-2016-2872.html
http://www.securityfocus.com/bid/95776
Third Party Advisory
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=1372830
Issue Tracking
Third Party Advisory
VDB Entry
https://usn.ubuntu.com/3968-3/
https://www.sudo.ws/alerts/noexec_bypass.html

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:todd_miller:sudo:1.6.8:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.6.9:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.0:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.1:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.2:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.3:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.4:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.5:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.6:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.7:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.8:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.9:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.10:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.0:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.1:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.2:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.3:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.4:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.5:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.6:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.7:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.8:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.9:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.10:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.11:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.12:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.13:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.14:p3:*:*:*:*:*:*

EPSS

Процентиль: 10%

0.00035

Низкий

7 High

CVSS3

6.9 Medium

CVSS2

Дефекты

CWE-284

Связанные уязвимости

CVE-2016-7032

CVSS3: 7

ubuntu

больше 8 лет назад

sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the (1) system or (2) popen function.

CVE-2016-7032

CVSS3: 6.4

redhat

около 9 лет назад

sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the (1) system or (2) popen function.

CVE-2016-7032

CVSS3: 7

debian

больше 8 лет назад

sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users ...

GHSA-wmxc-c63f-gpf8

CVSS3: 7

github

больше 3 лет назад

sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the (1) system or (2) popen function.

SUSE-SU-2016:2893-1

suse-cvrf

почти 9 лет назад

Security update for sudo

EPSS

Процентиль: 10%

0.00035

Низкий

7 High

CVSS3

6.9 Medium

CVSS2

Дефекты

CWE-284