CVE-2010-0427

Опубликовано: 27 апр. 2009

Источник: redhat

CVSS2: 6.6

Описание

sudo 1.6.x before 1.6.9p21, when the runas_default option is used, does not properly set group memberships, which allows local users to gain privileges via a sudo command.

Отчет

This issue did not affect the versions of the sudo packages as shipped with Red Hat Enterprise Linux 3 and 4.

Ссылки на источники

Дополнительная информация

Статус:

Important

https://bugzilla.redhat.com/show_bug.cgi?id=567622sudo: Fails to reset group permissions if runas_default set

6.6 Medium

CVSS2

Связанные уязвимости

CVE-2010-0427

ubuntu

больше 15 лет назад

sudo 1.6.x before 1.6.9p21, when the runas_default option is used, does not properly set group memberships, which allows local users to gain privileges via a sudo command.

CVE-2010-0427

nvd

больше 15 лет назад

sudo 1.6.x before 1.6.9p21, when the runas_default option is used, does not properly set group memberships, which allows local users to gain privileges via a sudo command.

CVE-2010-0427

debian

больше 15 лет назад

sudo 1.6.x before 1.6.9p21, when the runas_default option is used, doe ...

GHSA-fvmp-m2wj-xqp8

github

около 3 лет назад

sudo 1.6.x before 1.6.9p21, when the runas_default option is used, does not properly set group memberships, which allows local users to gain privileges via a sudo command.

ELSA-2010-0122

oracle-oval

больше 15 лет назад

ELSA-2010-0122: sudo security update (IMPORTANT)

6.6 Medium

CVSS2