Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2011-0010
HistoryJan 18, 2011 - 6:03 p.m.

Authentication flaw

2011-01-1818:03:00
PRIOn knowledge base
www.prio-n.com
5

7.2 High

AI Score

Confidence

Low

4.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

0.0005 Low

EPSS

Percentile

14.4%

JSON

check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change but no uid change, which allows local users to bypass an intended authentication requirement via the -g option to a sudo command.

CPENameOperatorVersion
sudoeq1.7.2-p4
sudoeq1.7.0
sudoeq1.7.4-p2
sudoeq1.7.1
sudoeq1.7.2-p2
sudoeq1.7.2-p7
sudoeq1.7.2
sudoeq1.7.4
sudoeq1.7.4-p3
sudoeq1.7.3-b1
Rows per page:
1-10 of 161

References

Related

oraclelinux 2
nessus 19
openvas 20
cve 1
freebsd 1
slackware 1
ubuntu 1
securityvulns 2
redhat 3
debiancve 1
veracode 1
ubuntucve 1
fedora 2
gentoo 1
oraclelinux
oraclelinux
sudo security and bug fix update
2011-05-28 00:00:00
sudo security and bug fix update
2012-03-01 00:00:00
nessus
nessus
Scientific Linux Security Update : sudo on SL6.x i386/x86_64
2012-08-01 00:00:00
Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 8.1 / 9.0 / 9.1 / current : sudo (SSA:2011-041-05)
2011-02-11 00:00:00
Scientific Linux Security Update : sudo on SL5.x i386/x86_64 (20120221)
2012-08-01 00:00:00
openvas
openvas
RedHat Update for sudo RHSA-2011:0599-01
2012-06-06 00:00:00
RedHat Update for sudo RHSA-2012:0309-03
2012-02-21 00:00:00
FreeBSD Ports: sudo
2011-01-24 00:00:00
cve
cve
CVE-2011-0010
2011-01-18 18:03:00
freebsd
freebsd
sudo -- local privilege escalation
2011-01-11 00:00:00
slackware
slackware
[slackware-security] sudo
2011-02-11 01:18:11
ubuntu
ubuntu
Sudo vulnerability
2011-01-20 00:00:00
securityvulns
securityvulns
[USN-1046-1] Sudo vulnerability
2011-01-20 00:00:00
sudo privilege escalation
2011-01-20 00:00:00
redhat
redhat
(RHSA-2011:0599) Low: sudo security and bug fix update
2011-05-19 00:00:00
(RHSA-2012:0309) Low: sudo security and bug fix update
2012-02-21 00:00:00
(RHSA-2012:0168) Important: rhev-hypervisor5 security and bug fix update
2012-02-21 00:00:00
debiancve
debiancve
CVE-2011-0010
2011-01-18 18:03:00
veracode
veracode
Privilege Escalation
2020-04-10 01:01:50
ubuntucve
ubuntucve
CVE-2011-0010
2011-01-18 00:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: sudo-1.7.4p5-1.fc14
2011-01-18 21:40:13
[SECURITY] Fedora 13 Update: sudo-1.7.4p5-1.fc13
2011-01-21 23:00:08
gentoo
gentoo
sudo: Privilege escalation
2012-03-06 00:00:00

7.2 High

AI Score

Confidence

Low

4.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

0.0005 Low

EPSS

Percentile

14.4%

JSON
Related for PRION:CVE-2011-0010
oraclelinux2nessus19openvas20cve1freebsd1slackware1ubuntu1securityvulns2redhat3debiancve1veracode1ubuntucve1fedora2gentoo1