Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2009-0034

Опубликовано: 23 янв. 2009
Источник: redhat
CVSS2: 6.6

Описание

parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command.

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=481720sudo: incorrect handling of groups in Runas_User

6.6 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2009-0034

CVSS3: 7.8
ubuntu
больше 16 лет назад

parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command.

nvd логотип

CVE-2009-0034

CVSS3: 7.8
nvd
больше 16 лет назад

parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command.

debian логотип

CVE-2009-0034

CVSS3: 7.8
debian
больше 16 лет назад

parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret ...

github логотип

GHSA-4x95-346p-g442

CVSS3: 7.8
github
около 3 лет назад

parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command.

oracle-oval логотип

ELSA-2009-0267

oracle-oval
больше 16 лет назад

ELSA-2009-0267: sudo security update (MODERATE)

6.6 Medium

CVSS2