PT-2001-2372 · Engarde · Engarde Secure Linux

Publicado

2001-07-11

Atualizado

2008-09-05

CVE-2001-1240

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Engarde Secure Linux version 1.0.1

Description The default configuration of sudo in Engarde Secure Linux allows any user in the admin group to run certain commands that could be leveraged to gain full root access.

Recommendations For Engarde Secure Linux version 1.0.1, consider restricting the privileges of the admin group to prevent unauthorized access to sensitive commands until a proper configuration or patch is available. As a temporary workaround, review and modify the sudo configuration to limit the commands that can be executed by the admin group.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2001-1240

Produtos afetados

Engarde Secure Linux

PT-2001-2372 · Engarde · Engarde Secure Linux

CVE-2001-1240

Identificadores relacionados

Produtos afetados

Referências · 2