CVE-2015-8239

Опубликовано: 09 нояб. 2015

Источник: redhat

CVSS2: 6

EPSS Низкий

Описание

The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	sudo	Not affected
Red Hat Enterprise Linux 6	sudo	Not affected
Red Hat Enterprise Linux 7	sudo	Will not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-367

https://bugzilla.redhat.com/show_bug.cgi?id=1283635sudo: Race condition when checking digests in sudoers

EPSS

Процентиль: 75%

0.00876

Низкий

6 Medium

CVSS2

Связанные уязвимости

CVE-2015-8239

CVSS3: 7

ubuntu

больше 8 лет назад

The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed.

CVE-2015-8239

CVSS3: 7

nvd

больше 8 лет назад

The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed.

CVE-2015-8239

CVSS3: 7

debian

больше 8 лет назад

The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 all ...

GHSA-w2j3-vrwq-vgh5

CVSS3: 7

github

больше 3 лет назад

The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed.

EPSS

Процентиль: 75%

0.00876

Низкий

6 Medium

CVSS2