// For flags

CVE-2009-0034

sudo: incorrect handling of groups in Runas_User

Severity Score

7.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command.

parse.c de sudo v1.6.9p17 hasta v1.6.9p19, no interpreta correctamente un grupo del sistema (también conocido como %group) en el fichero sudoers durante la decisión de autorización para un usuario que pertenezca a ese grupo. Esto permite a usuarios locales utilizar un fichero sudoers y obtener privilegios de root (administrador) a través de un comando sudo.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Medium
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
Attack Vector
Local
Attack Complexity
Medium
Authentication
Single
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2008-12-15 CVE Reserved
  • 2009-01-30 CVE Published
  • 2024-03-21 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-863: Incorrect Authorization
CAPEC
References (21)
URL Tag Source
http://lists.vmware.com/pipermail/security-announce/2009/000060.html Broken Link
http://osvdb.org/51736 Broken Link
http://secunia.com/advisories/33753 Not Applicable
http://secunia.com/advisories/33840 Not Applicable
http://secunia.com/advisories/33885 Not Applicable
http://secunia.com/advisories/35766 Not Applicable
http://wiki.rpath.com/Advisories:rPSA-2009-0021 Broken Link
http://www.gratisoft.us/bugzilla/show_bug.cgi?id=327 Product
http://www.securityfocus.com/archive/1/500546/100/0/threaded Broken Link
http://www.securityfocus.com/archive/1/504849/100/0/threaded Broken Link
http://www.securityfocus.com/bid/33517 Broken Link
http://www.securitytracker.com/id?1021688 Broken Link
http://www.sudo.ws/cgi-bin/cvsweb/sudo/parse.c.diff?r1=1.160.2.21&r2=1.160.2.22&f=h Broken Link
http://www.vmware.com/security/advisories/VMSA-2009-0009.html Third Party Advisory
https://issues.rpath.com/browse/RPL-2954 Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10856 Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6462 Broken Link
URL Date SRC
URL Date SRC
URL Date SRC
http://www.mandriva.com/security/advisories?name=MDVSA-2009:033 2024-01-12
http://www.redhat.com/support/errata/RHSA-2009-0267.html 2024-01-12
https://access.redhat.com/security/cve/CVE-2009-0034 2009-02-05
https://bugzilla.redhat.com/show_bug.cgi?id=481720 2009-02-05
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Gratisoft
Search vendor "Gratisoft"
 Sudo
Search vendor "Gratisoft" for product "Sudo"
 1.6.9
Search vendor "Gratisoft" for product "Sudo" and version "1.6.9"
p17
Affected
Gratisoft
Search vendor "Gratisoft"
 Sudo
Search vendor "Gratisoft" for product "Sudo"
 1.6.9
Search vendor "Gratisoft" for product "Sudo" and version "1.6.9"
p18
Affected
Gratisoft
Search vendor "Gratisoft"
 Sudo
Search vendor "Gratisoft" for product "Sudo"
 1.6.9
Search vendor "Gratisoft" for product "Sudo" and version "1.6.9"
p19
Affected
Vmware
Search vendor "Vmware"
 Esx
Search vendor "Vmware" for product "Esx"
 4.0
Search vendor "Vmware" for product "Esx" and version "4.0"
-
Affected