CVSS: 6.9EPSS: 0%CPEs: 115EXPL: 0CVE-2011-0008
https://notcve.org/view.php?id=CVE-2011-0008
A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command. NOTE: this vulnerability exists because of a CVE-2009-0034 regression. Un parche en Fedora para parse.c en sudo anterior a v1.7.4p5-1.fc14 en Fedora 14 no interpreta correctamente un system group (también conocido como el %group) en el fichero sudoers en las decisiones de autorización para un usuario que pertenece a ese grupo, permitiendo a usuarios locales aprovecharse de un fichero sudoers y obtener privilegios de root a través de un comando sudo. NOTA: esta vulnerabilidad existe debido a la vulnerabilidad CVE-2009-0034. • http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053263.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053341.html http://secunia.com/advisories/42968 http://www.mandriva.com/security/advisories?name=MDVSA-2011:018 http://www.vupen.com/english/advisories/2011/0195 http://www.vupen.com/english/advisories/2011/0199 https://bugzilla.redhat.com/show_bug.cgi?id=668843 https://exchange.xforce.ibmcloud.com/vulnerabilities/64965 •
CVSS: 6.6EPSS: 0%CPEs: 74EXPL: 2CVE-2010-1646 – sudo: insufficient environment sanitization issue
https://notcve.org/view.php?id=CVE-2010-1646
The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable. La funcionalidad de ruta de acceso segura en env.c en sudo v1.3.1 a v1.6.9p22 y v1.7.0 a v1.7.2p6 no controla correctamente un entorno que contenga múltiples variables PATH, lo que podría permitir a usuarios locales conseguir privilegios a través de un valor debidamente modificado de la última variable de entorno PATH. • http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042838.html http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043012.html http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043026.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/40002 http://secunia.com/advisories/40188 http://secunia.com/advisories/40215 http://secunia.com/advisories/40508 http://secunia.com/advisories/43068 http:/ • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.6EPSS: 0%CPEs: 28EXPL: 1CVE-2010-0427 – sudo: Fails to reset group permissions if runas_default set
https://notcve.org/view.php?id=CVE-2010-0427
sudo 1.6.x before 1.6.9p21, when the runas_default option is used, does not properly set group memberships, which allows local users to gain privileges via a sudo command. sudo v1.6.x anterior a v1.6.9p21 cuando se utiliza la opción runas_default no establece adecuadamente las pertenencias a grupos, esto permite a usuarios locales aumentar sus privilegios mediante un comando sudo. • ftp://ftp.sudo.ws/pub/sudo/sudo-1.6.9p21.patch.gz http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html http://secunia.com/advisories/38762 http://secunia.com/advisories/38795 http://secunia.com/advisories/38803 http://secunia.com/advisories/38915 http://securitytracker.com/id?1023658 http://sudo.ws/repos/sudo/rev/aa0b6c01c462 http://wiki.rpath.com/Advisories:rPSA-2010-0075 http://www.debian.org/security/2010/dsa-2006 http://www.gentoo.org/s • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.9EPSS: 0%CPEs: 32EXPL: 2CVE-2010-0426 – sudo: sudoedit option can possibly allow for arbitrary code execution
https://notcve.org/view.php?id=CVE-2010-0426
sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges via a crafted executable file, as demonstrated by a file named sudoedit in a user's home directory. sudo v1.6.x anterior a v1.6.9p21 y v1.7.x anterior a v1.7.2p4, cuando un pseudo-comando está activado, permite la coincidencia entre el nombre del pseudo-comando y el nombre de un archivo ejecutable en un directorio cualquiera, lo que permite a usuarios locales obtener privilegios a través de un archivo ejecutable manipulado, como se ha demostrado mediante el archivo sudoedit en el directorio home de un usuario. • https://github.com/t0kx/privesc-CVE-2010-0426 https://github.com/g1vi/CVE-2010-0426 ftp://ftp.sudo.ws/pub/sudo/sudo-1.6.9p21.patch.gz http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=570737 http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040578.html http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040588.html http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html http://secunia.com/advisories/38659 http://secunia.com&#x • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.2EPSS: 0%CPEs: 47EXPL: 2CVE-2007-4305 – Systrace - Multiple System Call Wrappers Concurrency Vulnerabilities
https://notcve.org/view.php?id=CVE-2007-4305
Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail policies in Systrace on NetBSD and OpenBSD allow local users to defeat system call interposition, and consequently bypass access control policy and auditing. Múltiples condiciones de carrera en (1) el modo monitor de Sudo Y (2) políticas Sysjail en Systrace de NetBSD y OpenBSD permiten a usuarios locales vencer la interposición en llamadas al sistema, y por tanto evitar la política de control de acceso y monitorización. • https://www.exploit-db.com/exploits/30484 http://secunia.com/advisories/26479 http://www.securityfocus.com/bid/25258 http://www.watson.org/~robert/2007woot •