Описание
Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a command line containing a "-u root" sequence.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | |
| devel | released | 1.7.2p7-1ubuntu2 |
| hardy | not-affected | |
| jaunty | not-affected | |
| karmic | released | 1.7.0-1ubuntu2.5 |
| lucid | released | 1.7.2p1-1ubuntu5.2 |
| upstream | pending | 1.7.4p4 |
Показывать по
EPSS
6.2 Medium
CVSS2
Связанные уязвимости
Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a command line containing a "-u root" sequence.
Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a command line containing a "-u root" sequence.
Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not ...
Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a command line containing a "-u root" sequence.
EPSS
6.2 Medium
CVSS2