Vulnerability Details : CVE-2010-2956
Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a command line containing a "-u root" sequence.
Exploit prediction scoring system (EPSS) score for CVE-2010-2956
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 8 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2010-2956
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
6.2
|
MEDIUM | AV:L/AC:H/Au:N/C:C/I:C/A:C |
1.9
|
10.0
|
NIST |
References for CVE-2010-2956
-
http://www.vupen.com/english/advisories/2010/2358
Webmail | OVH- OVH
-
http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047516.html
[SECURITY] Fedora 13 Update: sudo-1.7.4p4-1.fc13
-
http://www.vupen.com/english/advisories/2010/2318
Webmail | OVH- OVH
-
https://bugzilla.redhat.com/show_bug.cgi?id=628628
628628 – (CVE-2010-2956) CVE-2010-2956 sudo: incorrect handling of RunAs specification with both user and group lists
-
http://www.securitytracker.com/id?1024392
Sudo Runas Group Matching Error Lets Local Users Gain Elevated Privileges - SecurityTracker
-
http://www.mandriva.com/security/advisories?name=MDVSA-2010:175
mandriva.com
-
http://www.securityfocus.com/archive/1/514489/100/0/threaded
SecurityFocus
-
http://www.redhat.com/support/errata/RHSA-2010-0675.html
Support
-
http://www.securityfocus.com/archive/1/515545/100/0/threaded
SecurityFocus
-
http://security.gentoo.org/glsa/glsa-201009-03.xml
sudo: Privilege Escalation (GLSA 201009-03) — Gentoo security
-
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html
[security-announce] SUSE Security Summary Report: SUSE-SR:2010:017
-
http://www.ubuntu.com/usn/USN-983-1
USN-983-1: Sudo vulnerability | Ubuntu security notices
-
http://www.securityfocus.com/bid/43019
Todd Miller Sudo Runas Group Local Privilege Escalation Vulnerability
-
http://www.vmware.com/security/advisories/VMSA-2011-0001.html
VMSA-2011-0001.3
-
http://www.vupen.com/english/advisories/2011/0025
Webmail | OVH- OVH
-
http://www.vupen.com/english/advisories/2010/2312
Webmail | OVH- OVH
- http://wiki.rpath.com/Advisories:rPSA-2010-0075
-
http://www.vupen.com/english/advisories/2010/2320
Webmail | OVH- OVH
-
http://www.sudo.ws/sudo/alerts/runas_group.html
Flaw in Runas group matchingVendor Advisory
Products affected by CVE-2010-2956
- cpe:2.3:a:todd_miller:sudo:1.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:todd_miller:sudo:1.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:todd_miller:sudo:1.7.2:*:*:*:*:*:*:*
- cpe:2.3:a:todd_miller:sudo:1.7.2p1:*:*:*:*:*:*:*
- cpe:2.3:a:todd_miller:sudo:1.7.2p2:*:*:*:*:*:*:*
- cpe:2.3:a:todd_miller:sudo:1.7.2p3:*:*:*:*:*:*:*
- cpe:2.3:a:todd_miller:sudo:1.7.2p4:*:*:*:*:*:*:*
- cpe:2.3:a:todd_miller:sudo:1.7.2p5:*:*:*:*:*:*:*
- cpe:2.3:a:todd_miller:sudo:1.7.2p6:*:*:*:*:*:*:*
- cpe:2.3:a:todd_miller:sudo:1.7.2p7:*:*:*:*:*:*:*
- cpe:2.3:a:todd_miller:sudo:1.7.4p1:*:*:*:*:*:*:*
- cpe:2.3:a:todd_miller:sudo:1.7.4:*:*:*:*:*:*:*
- cpe:2.3:a:todd_miller:sudo:1.7.3b1:*:*:*:*:*:*:*
- cpe:2.3:a:todd_miller:sudo:1.7.4p3:*:*:*:*:*:*:*
- cpe:2.3:a:todd_miller:sudo:1.7.4p2:*:*:*:*:*:*:*