CVE-2015-5602
Sudo 1.8.14 (RHEL 5/6/7 / Ubuntu) - 'Sudoedit' Unauthorized Privilege Escalation
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
4Exploited in Wild
-Decision
Descriptions
sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by "/home/*/*/file.txt."
sudoedit en Sudo en versiones anteriores a 1.8.15 permite a usuarios locales obtener privilegios a través de un ataque de enlaces simbólicos en un archivo cuya totalidad de la ruta se define utilizando múltiples comodines en /etc/sudoers, según lo demostrado mediante '/home/*/*/file.txt.'
When sudo is configured to allow a user to edit files under a directory that they can already write to without using sudo, they can actually edit (read and write) arbitrary files. Daniel Svartman reported that a configuration like this might be introduced unintentionally if the editable files are specified using wildcards, for example.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2015-07-20 CVE Reserved
- 2015-11-17 CVE Published
- 2017-12-16 First Exploit
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (11)
| URL | Tag | Source |
|---|---|---|
| http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | X_refsource_confirm |
|
| http://www.securitytracker.com/id/1034392 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/37710 | 2024-08-06 | |
| https://github.com/t0kx/privesc-CVE-2015-5602 | 2017-12-16 | |
| https://github.com/cved-sources/cve-2015-5602 | 2021-04-15 | |
| http://bugzilla.sudo.ws/show_bug.cgi?id=707 | 2024-08-06 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Sudo Project Search vendor "Sudo Project" | Sudo Search vendor "Sudo Project" for product "Sudo" | <= 1.8.14 Search vendor "Sudo Project" for product "Sudo" and version " <= 1.8.14" | - |
Affected
| ||||||