Computer Security
[EN] securityvulns.ru no-pyccku


sudo privilege escalation
updated since 01.02.2009
Published:01.02.2009
Source:
SecurityVulns ID:9637
Type:remote
Threat Level:
6/10
Description:It's possible to elevate privileges to root even if configured to run under different account.
Affected:SUDO : sudo 1.6
CVE:CVE-2009-0034 (parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command.)
Original documentdocumentRPATH, rPSA-2009-0021-1 sudo (01.02.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod