- Home
- CVEs with nessus.description==The remote host is affected by the vulnerability described in GLSA-201009-03 (sudo: Privilege Escalation)
Multiple vulnerabilities have been reported in sudo:
Evan Broder and Anders Kaseorg of Ksplice, Inc. reported that the sudo 'secure path' feature does not properly handle multiple PATH variables (CVE-2010-1646).
Markus Wuethrich of Swiss Post reported that sudo fails to restrict access when using Runas groups and the group (-g) command line option (CVE-2010-2956).
Impact :
A local attacker could exploit these vulnerabilities to gain the ability to run certain commands with the privileges of other users, including root, depending on the configuration.
Workaround :
There is no known workaround at this time.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top