Gentoo: GLSA-202303-05 Critical Impact Sudo Privilege Bypass
gentoo
February 6, 2009
A vulnerability in sudo may allow for privilege escalation.
Summary
Gentoo Linux Security Advisory GLSA 200902-01
https://security.gentoo.org/
Severity: High
Title: sudo: Privilege escalation
Date: February 06, 2009
Bugs: #256633
ID: 200902-01
Synopsis
=======
A vulnerability in sudo may allow for privilege escalation.
Background
=========
sudo allows a system administrator to give users the ability to run
commands as other users.
Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-admin/sudo < 1.7.0 >= 1.7.0
==========
Harald Koenig discovered that sudo incorrectly handles group
specifications in Runas_Alias (and related) entries when a group is
specified in the list (using %group syntax, to allow a user to run
comma...
Resolution
References
Availability
style>.gentoo_availability{display:block;}
Concerns
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Warning: Undefined array key "advisory_info" in /var/www/www.linuxsecurity.com-443/html/tmp/regularlabs/custom_php/106932_4c9dbbdde36eef04251a4ced7eac4df9 on line 11
Background
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Affected Packages
Impact
Workaround
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!