Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2016-7076

Опубликовано: 29 мая 2018
Источник: ubuntu
Приоритет: medium
CVSS2: 7.2
CVSS3: 6.4

Описание

sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if application run via sudo executed wordexp() C library function with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could possibly use this flaw to execute arbitrary commands with elevated privileges.

РелизСтатусПримечание
artful

not-affected

1.8.19p1-1ubuntu1
bionic

not-affected

1.8.19p1-1ubuntu1
cosmic

not-affected

1.8.19p1-1ubuntu1
devel

not-affected

1.8.19p1-1ubuntu1
disco

not-affected

1.8.19p1-1ubuntu1
eoan

not-affected

1.8.19p1-1ubuntu1
esm-infra-legacy/trusty

released

1.8.9p5-1ubuntu1.5+esm5
esm-infra/bionic

not-affected

1.8.19p1-1ubuntu1
esm-infra/focal

not-affected

1.8.19p1-1ubuntu1
esm-infra/xenial

released

1.8.16-0ubuntu1.6

Показывать по

Ссылки на источники

7.2 High

CVSS2

6.4 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2016-7076

CVSS3: 6.4
redhat
около 9 лет назад

sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if application run via sudo executed wordexp() C library function with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could possibly use this flaw to execute arbitrary commands with elevated privileges.

nvd логотип

CVE-2016-7076

CVSS3: 6.4
nvd
больше 7 лет назад

sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if application run via sudo executed wordexp() C library function with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could possibly use this flaw to execute arbitrary commands with elevated privileges.

debian логотип

CVE-2016-7076

CVSS3: 6.4
debian
больше 7 лет назад

sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noe ...

github логотип

GHSA-v56m-9vh5-5qh5

CVSS3: 7.8
github
больше 3 лет назад

sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if application run via sudo executed wordexp() C library function with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could possibly use this flaw to execute arbitrary commands with elevated privileges.

suse-cvrf логотип

SUSE-SU-2016:2893-1

suse-cvrf
почти 9 лет назад

Security update for sudo

7.2 High

CVSS2

6.4 Medium

CVSS3