Описание
ELSA-2010-0475: sudo security update (MODERATE)
[1.7.2p1-7]
- added patch that fixes insufficient environment sanitization issue (#598154) Resolves: #598381
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
sudo
1.7.2p1-7.el5_5
Oracle Linux x86_64
sudo
1.7.2p1-7.el5_5
Oracle Linux i386
sudo
1.7.2p1-7.el5_5
Связанные CVE
Связанные уязвимости
The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable.
The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable.
The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable.
The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1. ...
The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable.