Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSD908F4CF2-1E8B-11E0-A587-001B77D09812
HistoryJan 11, 2011 - 12:00 a.m.

sudo -- local privilege escalation

2011-01-1100:00:00
vuxml.freebsd.org
33

4.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

0.0005 Low

EPSS

Percentile

15.8%

JSON

Todd Miller reports:

Beginning with sudo version 1.7.0 it has been possible
to grant permission to run a command using a specified
group via sudo’s -g option (run as group), if allowed by
the sudoers file. A flaw exists in sudo’s password
checking logic that allows a user to run a command
with only the group changed without being prompted
for a password.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchsudo= 1.7.0UNKNOWN
FreeBSDanynoarchsudo< 1.7.4.5UNKNOWN

Related

oraclelinux 2
nessus 19
openvas 20
slackware 1
cve 1
prion 1
ubuntu 1
redhat 3
veracode 1
ubuntucve 1
securityvulns 2
debiancve 1
fedora 2
gentoo 1
oraclelinux
oraclelinux
sudo security and bug fix update
2011-05-28 00:00:00
sudo security and bug fix update
2012-03-01 00:00:00
nessus
nessus
Scientific Linux Security Update : sudo on SL6.x i386/x86_64
2012-08-01 00:00:00
Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 8.1 / 9.0 / 9.1 / current : sudo (SSA:2011-041-05)
2011-02-11 00:00:00
Scientific Linux Security Update : sudo on SL5.x i386/x86_64 (20120221)
2012-08-01 00:00:00
openvas
openvas
RedHat Update for sudo RHSA-2011:0599-01
2012-06-06 00:00:00
RedHat Update for sudo RHSA-2012:0309-03
2012-02-21 00:00:00
Oracle: Security Advisory (ELSA-2012-0309)
2015-10-06 00:00:00
slackware
slackware
[slackware-security] sudo
2011-02-11 01:18:11
cve
cve
CVE-2011-0010
2011-01-18 18:03:00
prion
prion
Authentication flaw
2011-01-18 18:03:00
ubuntu
ubuntu
Sudo vulnerability
2011-01-20 00:00:00
redhat
redhat
(RHSA-2012:0309) Low: sudo security and bug fix update
2012-02-21 00:00:00
(RHSA-2011:0599) Low: sudo security and bug fix update
2011-05-19 00:00:00
(RHSA-2012:0168) Important: rhev-hypervisor5 security and bug fix update
2012-02-21 00:00:00
veracode
veracode
Privilege Escalation
2020-04-10 01:01:50
ubuntucve
ubuntucve
CVE-2011-0010
2011-01-18 00:00:00
securityvulns
securityvulns
[USN-1046-1] Sudo vulnerability
2011-01-20 00:00:00
sudo privilege escalation
2011-01-20 00:00:00
debiancve
debiancve
CVE-2011-0010
2011-01-18 18:03:00
fedora
fedora
[SECURITY] Fedora 14 Update: sudo-1.7.4p5-1.fc14
2011-01-18 21:40:13
[SECURITY] Fedora 13 Update: sudo-1.7.4p5-1.fc13
2011-01-21 23:00:08
gentoo
gentoo
sudo: Privilege escalation
2012-03-06 00:00:00

4.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

0.0005 Low

EPSS

Percentile

15.8%

JSON
Related for 908F4CF2-1E8B-11E0-A587-001B77D09812
oraclelinux2nessus19openvas20slackware1cve1prion1ubuntu1redhat3veracode1ubuntucve1securityvulns2debiancve1fedora2gentoo1