Lucene search
Veracode Vulnerability DatabaseVERACODE:28972HistoryJan 12, 2021 - 9:16 p.m.
Information Disclosure
2021-01-1221:16:53
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
EPSS
0.001
Percentile
39.6%
sudo is vulnerable to information disclosure. The sudoedit personality allows a local unprivileged user to determine the existence of an arbitrary directory by winning a sudo_edit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path.
References
bugzilla.suse.com/show_bug.cgi?id=CVE-2021-23239
lists.fedoraproject.org/archives/list/[email protected]/message/EE42Y35SMJOLONAIBNYNFC7J44UUZ2Y6/
lists.fedoraproject.org/archives/list/[email protected]/message/GMY4VSSBIND7VAYSN6T7XIWJRWG4GBB3/
security-tracker.debian.org/tracker/CVE-2021-23239
security.gentoo.org/glsa/202101-33
security.netapp.com/advisory/ntap-20210129-0010/
www.sudo.ws/stable.html#1.9.5
Related
ubuntucve
ubuntucve
CVE-2021-23239
2021-01-12 00:00:00
debian
debian
[SECURITY] [DLA 3181-1] sudo security update
2022-11-07 15:00:58
cvelist
cvelist
CVE-2021-23239
2021-01-12 00:00:00
nessus
nessus
FreeBSD : sudo -- Potential information leak in sudoedit (6193b3f6-548c-11eb-ba01-206a8a720317)
2021-01-12 00:00:00
Debian DLA-3181-1 : sudo - LTS security update
2022-11-07 00:00:00
EulerOS 2.0 SP3 : sudo (EulerOS-SA-2022-1191)
2022-02-23 00:00:00
osv
osv
sudo - security update
2022-11-07 00:00:00
CVE-2021-23239
2021-01-12 09:15:14
Low: sudo security and bug fix update
2021-05-18 05:55:11
alpinelinux
alpinelinux
CVE-2021-23239
2021-01-12 09:15:14
redhatcve
redhatcve
CVE-2021-23239
2021-01-11 21:31:46
prion
prion
Race condition
2021-01-12 09:15:00
nvd
nvd
CVE-2021-23239
2021-01-12 09:15:14
freebsd
freebsd
sudo -- Potential information leak in sudoedit
2021-01-11 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-23239 affecting package sudo 1.8.31p1-4
2021-03-03 03:44:08
cve
cve
CVE-2021-23239
2021-01-12 09:15:14
openvas
openvas
Debian: Security Advisory (DLA-3181-1)
2022-11-08 00:00:00
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2022-1191)
2022-02-24 00:00:00
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2021-1757)
2021-04-13 00:00:00
debiancve
debiancve
CVE-2021-23239
2021-01-12 09:15:14
slackware
slackware
[slackware-security] sudo
2021-01-11 20:06:01
oraclelinux
oraclelinux
sudo security and bug fix update
2021-05-25 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1980
2021-07-02 18:12:00
archlinux
archlinux
[ASA-202101-25] sudo: multiple issues
2021-01-20 00:00:00
mageia
mageia
Updated sudo packages fix security vulnerabilities
2021-01-17 19:07:01
ubuntu
ubuntu
Sudo vulnerabilities
2021-01-26 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: sudo-1.9.5p1-1.fc33
2021-01-20 01:33:31
[SECURITY] Fedora 32 Update: sudo-1.9.5p1-1.fc32
2021-01-21 01:19:17
redhat
redhat
almalinux
almalinux
Low: sudo security and bug fix update
2021-05-18 05:55:11
cloudfoundry
cloudfoundry
USN-4705-1: Sudo vulnerabilities | Cloud Foundry
2021-02-10 00:00:00
rocky
rocky
sudo security and bug fix update
2021-05-18 05:55:11
suse
suse
Security update for sudo (important)
2021-01-27 00:00:00
Security update for sudo (important)
2021-01-27 00:00:00
gentoo
gentoo
sudo: Multiple vulnerabilities
2021-01-26 00:00:00
