CVE-2017-1000368

Опубликовано: 02 июн. 2017

Источник: redhat

CVSS3: 7.3

EPSS Низкий

Описание

Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution.

It was found that the original fix for CVE-2017-1000367 was incomplete. A flaw was found in the way sudo parsed tty information from the process status file in the proc filesystem. A local user with privileges to execute commands via sudo could use this flaw to escalate their privileges to root.

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-20

https://bugzilla.redhat.com/show_bug.cgi?id=1459152sudo: Privilege escalation via improper get_process_ttyname() parsing (insufficient fix for CVE-2017-1000367)

EPSS

Процентиль: 38%

0.00166

Низкий

7.3 High

CVSS3

Связанные уязвимости

CVE-2017-1000368

CVSS3: 8.2

ubuntu

больше 8 лет назад

CVE-2017-1000368

CVSS3: 8.2

nvd

больше 8 лет назад

CVE-2017-1000368

CVSS3: 8.2

debian

больше 8 лет назад

Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an in ...

openSUSE-SU-2017:1697-1

suse-cvrf

больше 8 лет назад

Security update for sudo

SUSE-SU-2017:1778-1

suse-cvrf

больше 8 лет назад

Security update for sudo

EPSS

Процентиль: 38%

0.00166

Низкий

7.3 High

CVSS3