Metric | Value |
---|---|
CVSS2 Attack Vector | LOCAL |
CVSS2 Attack Complexity | MEDIUM |
CVSS2 Authentication | NONE |
CVSS2 Confidentiality Impact | COMPLETE |
CVSS2 Integrity Impact | COMPLETE |
CVSS2 Availability Impact | COMPLETE |
CVSS2 Vector | AV:L/AC:M/Au:N/C:C/I:C/A:C |
EPSS Percentile | 10.1% |

CentOS Errata and Security Advisory CESA-2010:0122

The sudo (superuser do) utility allows system administrators to give
certain users the ability to run commands as root.

A privilege escalation flaw was found in the way sudo handled the sudoedit
pseudo-command. If a local user were authorized by the sudoers file to use
this pseudo-command, they could possibly leverage this flaw to execute
arbitrary code with the privileges of the root user. (CVE-2010-0426)

The sudo utility did not properly initialize supplementary groups when the
"runas_default" option (in the sudoers file) was used. If a local user
were authorized by the sudoers file to perform their sudo commands under
the account specified with "runas_default", they would receive the root
user's supplementary groups instead of those of the intended target user,
giving them unintended privileges. (CVE-2010-0427)

Users of sudo should upgrade to this updated package, which contains
backported patches to correct these issues.
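
To check whether a host meets the exposure conditions described above, the following added example (not part of the advisory or of sudo) scans sudoers text for sudoedit grants, including ones made through a Cmnd_Alias, and for runas_default settings. The function names and the sample rules are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: report sudoers rules matching the CESA-2010:0122 preconditions.
# Assumptions: one Cmnd_Alias per line; only whole-line comments are skipped;
# files pulled in by #include must be fed in separately. Reads stdin.

# Join backslash-continued lines, trim leading blanks, drop comments and blanks.
normalize_sudoers() {
    awk '
        /\\$/ { sub(/\\$/, ""); buf = buf $0; next }
        { line = buf $0; buf = ""; sub(/^[ \t]+/, "", line)
          if (line != "" && line !~ /^#/) print line }
        END { if (buf != "") print buf }'
}

audit_sudoers() {
    normalize_sudoers | awk '
        # True when the sudoedit pseudo-command (not a path) appears in s.
        function edits(s) { return (" " s " ") ~ /[ \t,=:)]sudoedit[ \t,]/ }
        /^Defaults/ {                       # CVE-2010-0427 precondition
            if ($0 ~ /runas_default[ \t]*=/) print "CVE-2010-0427 runas_default: " $0
            next }
        /^Cmnd_Alias[ \t]/ {                # remember aliases that wrap sudoedit
            if (edits($0)) { name = $0
                sub(/^Cmnd_Alias[ \t]+/, "", name); sub(/[ \t]*=.*/, "", name)
                alias[name] = 1 }
            next }
        /^(User|Host|Runas)_Alias[ \t]/ { next }
        { rule[++n] = $0 }                  # user specifications
        END {                               # CVE-2010-0426 precondition
            for (i = 1; i <= n; i++) {
                hit = edits(rule[i])
                for (a in alias)
                    if ((" " rule[i] " ") ~ ("[ \t,=:)]" a "[ \t,]")) hit = 1
                if (hit) print "CVE-2010-0426 sudoedit: " rule[i] } }'
}

# Constructed sample input, not taken from the advisory.
sample_sudoers() { cat <<'EOF'
Defaults env_reset
Defaults runas_default=appsvc
Cmnd_Alias WEBCFG = sudoedit /etc/httpd/conf/httpd.conf, \
                    /sbin/service httpd reload
alice ALL = WEBCFG
bob   ALL = (appsvc) /usr/local/bin/deploy
# carol ALL = sudoedit /etc/hosts
EOF
}

sample_sudoers | audit_sudoers
```

On a real host, run it as root with `audit_sudoers < /etc/sudoers`; any output means the installed sudo package version should be compared against the fixed version in the table below.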
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2010-March/078693.html
https://lists.centos.org/pipermail/centos-announce/2010-March/078694.html
Affected packages:
sudo
Upstream details at:
https://access.redhat.com/errata/RHSA-2010:0122
OS | OS Version | Architecture | Package | Package Version | Filename |
---|---|---|---|---|---|
CentOS | 5 | i386 | sudo | < 1.6.9p17-6.el5_4 | sudo-1.6.9p17-6.el5_4.i386.rpm |
CentOS | 5 | x86_64 | sudo | < 1.6.9p17-6.el5_4 | sudo-1.6.9p17-6.el5_4.x86_64.rpm |