Privilege Escalation

sudo is vulnerable to privilege escalation. The vulnerability exists as a flaw was discovered in a way sudo handled group specifications in "run as" lists in the sudoers configuration file. If sudo configuration allowed a user to run commands as any user of some group and the user was also a memb...

RedHat Security Advisory RHSA-2009:0267

The remote host is missing updates announced in advisory RHSA-2009:0267. The sudo superuser do utility allows system administrators to give certain users the ability to run commands as root with logging. A flaw was discovered in a way sudo handled group specifications in run as lists in the sudoe...

sudo: Privilege escalation

Background sudo allows a system administrator to give users the ability to run commands as other users. Description Harald Koenig discovered that sudo incorrectly handles group specifications in RunasAlias and related entries when a group is specified in the list using %group syntax, to allow a...

RHEL 5 : sudo (RHSA-2009:0267)

The remote Redhat Enterprise Linux 5 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2009:0267 advisory. The sudo superuser do utility allows system administrators to give certain users the ability to run commands as root with logging. A flaw was...

Moderate: Red Hat Security Advisory: sudo security update

An updated sudo package to fix a security issue is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The sudo superuser do utility allows system administrators to give certain users the ability to run...