CVE-2011-0010

Severity

44%

Complexity

34%

Confidentiality

106%

check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change but no uid change, which allows local users to bypass an intended authentication requirement via the -g option to a sudo command.

check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change but no uid change, which allows local users to bypass an intended authentication requirement via the -g option to a sudo command.

CVSS 2.0 Base Score 4.4. CVSS Attack Vector: local. CVSS Attack Complexity: medium. CVSS Vector: (AV:L/AC:M/Au:N/C:P/I:P/A:P).

Overview

Type

Todd Miller Sudo

First reported 14 years ago

2011-01-18 18:03:00

Last updated 7 years ago

2018-01-05 02:29:00

Affected Software

Todd Miller Sudo 1.7.0

1.7.0

Todd Miller Sudo 1.7.1

1.7.1

Todd Miller Sudo 1.7.2

1.7.2

Todd Miller Sudo 1.7.2p1

1.7.2p1

Todd Miller Sudo 1.7.2p2

1.7.2p2

Todd Miller Sudo 1.7.2p3

1.7.2p3

Todd Miller Sudo 1.7.2p4

1.7.2p4

Todd Miller Sudo 1.7.2p5

1.7.2p5

Todd Miller Sudo 1.7.2p6

1.7.2p6

Todd Miller Sudo 1.7.2p7

1.7.2p7

Todd Miller Sudo 1.7.3b1

1.7.3b1

Todd Miller Sudo 1.7.4

1.7.4

Todd Miller Sudo 1.7.4p1

1.7.4p1

Todd Miller Sudo 1.7.4p2

1.7.4p2

Todd Miller Sudo 1.7.4p3

1.7.4p3

Todd Miller Sudo 1.7.4p4

1.7.4p4

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=609641

FEDORA-2011-0470

FEDORA-2011-0455

SUSE-SR:2011:002

[oss-security] 20110111 CVE request: sudo does not ask for password on GID changes

Patch

[oss-security] 20110112 Re: CVE request: sudo does not ask for password on GID changes

Patch

[oss-security] 20110112 Re: CVE request: sudo does not ask for password on GID changes

42886

Vendor Advisory

42949

42968

43068

43282

GLSA-201203-06

SSA:2011-041-05

MDVSA-2011:018

70400

RHSA-2011:0599

45774

http://www.sudo.ws/repos/sudo/rev/07d1b0ce530e

Patch

http://www.sudo.ws/repos/sudo/rev/fe8a94f96542

Patch

http://www.sudo.ws/sudo/alerts/runas_group_pw.html

USN-1046-1

ADV-2011-0089

Vendor Advisory

ADV-2011-0182

ADV-2011-0195

ADV-2011-0199

ADV-2011-0212

ADV-2011-0362

https://bugzilla.redhat.com/show_bug.cgi?id=668879

Patch

sudo-groupid-privilege-escalation(64636)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.