3 matches found
Ubuntu 8.04 LTS / 8.10 : sudo vulnerability (USN-722-1)
Harald Koenig discovered that sudo did not correctly handle certain privilege changes when handling groups. If a local attacker belonged to a group included in a 'RunAs' list in the /etc/sudoers file, that user could gain root privileges. This was not an issue for the default sudoers file shipped...
GLSA-200902-01 : sudo: Privilege escalation
The remote host is affected by the vulnerability described in GLSA-200902-01 sudo: Privilege escalation Harald Koenig discovered that sudo incorrectly handles group specifications in RunasAlias and related entries when a group is specified in the list using %group syntax, to allow a user to run...
sudo: Privilege escalation
Background sudo allows a system administrator to give users the ability to run commands as other users. Description Harald Koenig discovered that sudo incorrectly handles group specifications in RunasAlias and related entries when a group is specified in the list using %group syntax, to allow a...