PT-2018-4982 · Sudo+5

Florian Weimer · Published 2016-11-17 · Updated 2024-06-15 · CVE-2016-7076

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: sudo versions prior to 1.8.18p1

Description: The issue allows a local user to bypass the sudo noexec restriction. This can happen when an application run via sudo executes the wordexp() C library function with a user-supplied argument. As a result, a local user permitted to run such an application via sudo with noexec restriction could possibly use this flaw to execute arbitrary commands with elevated privileges.

Recommendations: For versions prior to 1.8.18p1, update to version 1.8.18p1 or later to resolve the issue.

Exploit

Fix

Command Injection

Incomplete List of Disallowed Inputs


Weakness Enumeration

Related Identifiers

ALT-PU-2017-1056
CESA-2016_2872
CVE-2016-7076
DLA-707-1
MGASA-2016-0389
OPENSUSE-SU-2024:11413-1
RHSA-2016:2872
RHSA-2016_2872
SUSE-SU-2016:2891-1
SUSE-SU-2016:2893-1
SUSE-SU-2016:2904-1
USN-3968-1
USN-3968-3

Affected Products

ALT Linux
CentOS
Red Hat
SUSE
Ubuntu
Sudo