Описание
sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline could use this flaw to read content from specially formatted files with elevated privileges provided by sudo.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Одно из
EPSS
4.4 Medium
CVSS3
4.9 Medium
CVSS2
Дефекты
Связанные уязвимости
sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline could use this flaw to read content from specially formatted files with elevated privileges provided by sudo.
sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline could use this flaw to read content from specially formatted files with elevated privileges provided by sudo.
sudo: It was discovered that the default sudo configuration on Red Hat ...
sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline could use this flaw to read content from specially formatted files with elevated privileges provided by sudo.
ELSA-2016-2593: sudo security, bug fix, and enhancement update (LOW)
EPSS
4.4 Medium
CVSS3
4.9 Medium
CVSS2