Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2021-23239

Опубликовано: 12 янв. 2021
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 1.9
CVSS3: 2.5

Описание

The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudo_edit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path.

РелизСтатусПримечание
bionic

released

1.8.21p2-3ubuntu1.4
devel

released

1.9.4p2-2ubuntu2
esm-infra-legacy/trusty

needed

esm-infra/bionic

released

1.8.21p2-3ubuntu1.4
esm-infra/focal

released

1.8.31-1ubuntu1.2
esm-infra/xenial

released

1.8.16-0ubuntu1.10
focal

released

1.8.31-1ubuntu1.2
groovy

released

1.9.1-1ubuntu1.1
hirsute

released

1.9.4p2-2ubuntu2
impish

released

1.9.4p2-2ubuntu2

Показывать по

Ссылки на источники

EPSS

Процентиль: 20%
0.00062
Низкий

1.9 Low

CVSS2

2.5 Low

CVSS3

Связанные уязвимости

redhat логотип

CVE-2021-23239

CVSS3: 2.5
redhat
почти 5 лет назад

The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudo_edit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path.

nvd логотип

CVE-2021-23239

CVSS3: 2.5
nvd
почти 5 лет назад

The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudo_edit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path.

msrc логотип

CVE-2021-23239

CVSS3: 2.5
msrc
почти 5 лет назад

The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudo_edit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path.

debian логотип

CVE-2021-23239

CVSS3: 2.5
debian
почти 5 лет назад

The sudoedit personality of Sudo before 1.9.5 may allow a local unpriv ...

github логотип

GHSA-wfrc-r682-56qv

CVSS3: 2.5
github
больше 3 лет назад

The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudo_edit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path.

EPSS

Процентиль: 20%
0.00062
Низкий

1.9 Low

CVSS2

2.5 Low

CVSS3