Lucene search

K

PRIOn knowledge basePRION:CVE-2010-2956

HistorySep 10, 2010 - 7:00 p.m.

Design/Logic Flaw

2010-09-1019:00:00

PRIOn knowledge base

www.prio-n.com

3

6.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.3%

Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a command line containing a “-u root” sequence.

CPENameOperatorVersion
sudoeq1.7.2-p4
sudoeq1.7.0
sudoeq1.7.4-p2
sudoeq1.7.1
sudoeq1.7.2-p2
sudoeq1.7.2-p7
sudoeq1.7.2
sudoeq1.7.4
sudoeq1.7.4-p3
sudoeq1.7.3-b1

Rows per page:

1-10 of 151

References

lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html

secunia.com/advisories/40508

secunia.com/advisories/41316

secunia.com/advisories/42787

security.gentoo.org/glsa/glsa-201009-03.xml

wiki.rpath.com/Advisories:rPSA-2010-0075

www.mandriva.com/security/advisories?name=MDVSA-2010:175

www.redhat.com/support/errata/RHSA-2010-0675.html

www.securityfocus.com/archive/1/514489/100/0/threaded

www.securityfocus.com/archive/1/515545/100/0/threaded

www.securityfocus.com/bid/43019

www.securitytracker.com/id?1024392

www.ubuntu.com/usn/USN-983-1

www.vmware.com/security/advisories/VMSA-2011-0001.html

www.vupen.com/english/advisories/2010/2312

www.vupen.com/english/advisories/2010/2318

www.vupen.com/english/advisories/2010/2320

www.vupen.com/english/advisories/2010/2358

www.vupen.com/english/advisories/2011/0025

bugzilla.redhat.com/show_bug.cgi?id=628628

lists.fedoraproject.org/pipermail/package-announce/2010-September/047516.html

www.sudo.ws/sudo/alerts/runas_group.html

6.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.3%

Related for PRION:CVE-2010-2956

freebsd1 nessus17 openvas21 veracode1 fedora3 oraclelinux1 debiancve1 slackware1 redhat1 cve1 centos1 ubuntucve1 securityvulns2 cvelist1 nvd1 ubuntu1 gentoo1 vmware2