ID CVE-2010-2956
Summary Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a command line containing a "-u root" sequence.
References
Vulnerable Configurations
  • cpe:2.3:a:todd_miller:sudo:1.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:todd_miller:sudo:1.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:todd_miller:sudo:1.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:todd_miller:sudo:1.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:todd_miller:sudo:1.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:todd_miller:sudo:1.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:todd_miller:sudo:1.7.2p1:*:*:*:*:*:*:*
    cpe:2.3:a:todd_miller:sudo:1.7.2p1:*:*:*:*:*:*:*
  • cpe:2.3:a:todd_miller:sudo:1.7.2p2:*:*:*:*:*:*:*
    cpe:2.3:a:todd_miller:sudo:1.7.2p2:*:*:*:*:*:*:*
  • cpe:2.3:a:todd_miller:sudo:1.7.2p3:*:*:*:*:*:*:*
    cpe:2.3:a:todd_miller:sudo:1.7.2p3:*:*:*:*:*:*:*
  • cpe:2.3:a:todd_miller:sudo:1.7.2p4:*:*:*:*:*:*:*
    cpe:2.3:a:todd_miller:sudo:1.7.2p4:*:*:*:*:*:*:*
  • cpe:2.3:a:todd_miller:sudo:1.7.2p5:*:*:*:*:*:*:*
    cpe:2.3:a:todd_miller:sudo:1.7.2p5:*:*:*:*:*:*:*
  • cpe:2.3:a:todd_miller:sudo:1.7.2p6:*:*:*:*:*:*:*
    cpe:2.3:a:todd_miller:sudo:1.7.2p6:*:*:*:*:*:*:*
  • cpe:2.3:a:todd_miller:sudo:1.7.2p7:*:*:*:*:*:*:*
    cpe:2.3:a:todd_miller:sudo:1.7.2p7:*:*:*:*:*:*:*
  • cpe:2.3:a:todd_miller:sudo:1.7.3b1:*:*:*:*:*:*:*
    cpe:2.3:a:todd_miller:sudo:1.7.3b1:*:*:*:*:*:*:*
  • cpe:2.3:a:todd_miller:sudo:1.7.4:*:*:*:*:*:*:*
    cpe:2.3:a:todd_miller:sudo:1.7.4:*:*:*:*:*:*:*
  • cpe:2.3:a:todd_miller:sudo:1.7.4p1:*:*:*:*:*:*:*
    cpe:2.3:a:todd_miller:sudo:1.7.4p1:*:*:*:*:*:*:*
  • cpe:2.3:a:todd_miller:sudo:1.7.4p2:*:*:*:*:*:*:*
    cpe:2.3:a:todd_miller:sudo:1.7.4p2:*:*:*:*:*:*:*
  • cpe:2.3:a:todd_miller:sudo:1.7.4p3:*:*:*:*:*:*:*
    cpe:2.3:a:todd_miller:sudo:1.7.4p3:*:*:*:*:*:*:*
CVSS
Base: 6.2 (as of 10-10-2018 - 20:00)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL HIGH NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:H/Au:N/C:C/I:C/A:C
redhat via4
advisories
bugzilla
id 628628
title CVE-2010-2956 sudo: incorrect handling of RunAs specification with both user and group lists
oval
AND
  • comment Red Hat Enterprise Linux 5 is installed
    oval oval:com.redhat.rhba:tst:20070331001
  • comment sudo is earlier than 0:1.7.2p1-8.el5_5
    oval oval:com.redhat.rhsa:tst:20100675002
  • comment sudo is signed with Red Hat redhatrelease key
    oval oval:com.redhat.rhsa:tst:20090267003
rhsa
id RHSA-2010:0675
released 2010-09-07
severity Important
title RHSA-2010:0675: sudo security update (Important)
rpms sudo-0:1.7.2p1-8.el5_5
refmap via4
bid 43019
bugtraq
  • 20101027 rPSA-2010-0075-1 sudo
  • 20110105 VMSA-2011-0001 VMware ESX third party updates for Service Console packages glibc, sudo, and openldap
confirm
fedora FEDORA-2010-14355
gentoo GLSA-201009-03
mandriva MDVSA-2010:175
sectrack 1024392
secunia
  • 40508
  • 41316
  • 42787
suse SUSE-SR:2010:017
ubuntu USN-983-1
vupen
  • ADV-2010-2312
  • ADV-2010-2318
  • ADV-2010-2320
  • ADV-2010-2358
  • ADV-2011-0025
Last major update 10-10-2018 - 20:00
Published 10-09-2010 - 19:00
Back to Top