[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

USN-722-1 -- sudo vulnerability

ID: oval:org.secpod.oval:def:700457Date: (C)2011-05-13   (M)2017-10-04
Class: PATCHFamily: unix




Harald Koenig discovered that sudo did not correctly handle certain privilege changes when handling groups. If a local attacker belonged to a group included in a "RunAs" list in the /etc/sudoers file, that user could gain root privileges. This was not an issue for the default sudoers file shipped with Ubuntu.

Platform:
Ubuntu 8.10
Ubuntu 8.04
Product:
sudo
Reference:
USN-722-1
CVE-2009-0034
CVE    1
CVE-2009-0034
CPE    1
cpe:/o:ubuntu:ubuntu_linux:8.04

© 2013 SecPod Technologies